LDP
/
old-www
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
old-www/LDP/LG/issue82/TWDT.html

6067 lines
227 KiB
HTML
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<TITLE> Linux Gazette Table of Contents LG #82</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#0000AF"
ALINK="#FF0000" >
<center>
<!-- A HREF="http://www.linuxgazette.com/">
<H1><IMG SRC="../gx/newlogo.jpg" ALT="LINUX GAZETTE" border="0"></H1></A> -->
<A HREF="http://www.linuxgazette.com/">
<H1><IMG ALT="LINUX GAZETTE" SRC="../gx/lglogo.png"
WIDTH="600" HEIGHT="124" border="0"></H1></A>
<H2>September 2002, Issue 82 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
Published by <I>Linux Journal</I></H2>
<A HREF="../index.html">Front Page</A> &nbsp;|&nbsp;
<A HREF="../index.html">Back Issues</A> &nbsp;|&nbsp;
<A HREF="../lg_faq.html">FAQ</A> &nbsp;|&nbsp;
<A HREF="../mirrors.html">Mirrors</A> <!-- &nbsp;|&nbsp; --><BR>
<A HREF="../tag/kb.html">The Answer Gang knowledge base</A> (your Linux questions here!) <!-- &nbsp;|&nbsp; --><BR>
<A HREF="http://www.linuxgazette.com/search.html">Search (www.linuxgazette.com)</A>
<!-- *** BEGIN mirror site search link *** -->
<!-- &nbsp; <A HREF="http://www.linuxgazette.com/search.html">(SITE.COM
mirror)</A> -->
<!-- *** END mirror site search link *** -->
</CENTER>
<HR NOSHADE>
<!--=================================================================-->
<!-- H1><font color="#BB0000">Table of Contents:</font></H1 -->
<!-- *** BEGIN toc *** -->
<UL>
<LI> <a HREF="lg_mail.html">The MailBag</A>
<LI> <a HREF="lg_tips.html">More 2-Cent Tips</A>
<LI> <a HREF="lg_answer.html">The Answer Gang</A>
<LI> <a HREF="lg_bytes.html">News Bytes</A>
<LI> <a HREF="ecol.html">Ecol</A> , <EM>by Javier Malonda at escomposlinux.org</EM>
<LI> <a HREF="qubism.html">Qubism</A> , <EM>by Jon "Sir Flakey" Harsem</EM>
<LI> <a HREF="raghu.html">Writing your own Toy OS - Part III</A> , <EM>by Raghu and Chitkala</EM>
<LI> <a HREF="shekhar.html">Kerberos: The watchdog of the Ether</A> , <EM>by Raj Shekhar</EM>
<LI> <a HREF="tougher.html">My Guide To Digital Photography</A> , <EM>by Rob Tougher</EM>
<LI> <a HREF="veerapen.html">Adaptive Linux Firewalls</A> , <EM>by Vasoo Veerapen</EM>
<LI> <a HREF="ward.html">Multihead Systems under Linux and Windows</A> , <EM>by Alan Ward</EM>
<LI> <a HREF="lg_backpage.html">The Back Page</A>
</UL>
<!-- *** END toc *** -->
<HR NOSHADE>
<!--=================================================================-->
<H3 ALIGN="center"><EM>Linux Gazette</EM> Staff and The Answer Gang</H3>
<BLOCKQUOTE>
<STRONG>Editor:</STRONG> Michael Orr<BR>
<STRONG>Technical Editor:</STRONG> Heather Stern<BR>
<STRONG>Senior Contributing Editor:</STRONG> Jim Dennis<BR>
<STRONG>Contributing Editors:</STRONG>
Ben Okopnik, Dan Wilder, Don Marti
</BLOCKQUOTE>
<HR NOSHADE>
<!--=================================================================-->
<A HREF="TWDT.txt.gz">TWDT 1 (gzipped text file)</A><BR>
<A HREF="TWDT.html">TWDT 2 (HTML file)</A><BR>
are files containing the entire issue: one in text format, one in HTML.
They are provided
strictly as a way to save the contents as one file for later printing in
the format of your choice;
there is no guarantee of working links in the HTML version.
<HR NOSHADE>
<!--=================================================================-->
<center>
<I>Linux Gazette</I><img alt="[tm]" src="../gx/tm.gif">,
<A HREF="http://www.linuxgazette.com/">http://www.linuxgazette.com/</A><BR>
This page maintained by the Editor of <I>Linux Gazette</I>,
<A HREF="mailto: gazette@ssc.com"> gazette@ssc.com</A>
<P>
<H5>Copyright &copy; 1996-2002 Specialized Systems Consultants, Inc.</H5>
</center>
<HR NOSHADE>
<!--=================================================================-->
<TABLE BORDER><TR><TD WIDTH="200">
<A HREF="http://www.linuxgazette.com/">
<IMG ALT="LINUX GAZETTE" SRC="../gx/2002/lglogo_200x41.png"
WIDTH="200" HEIGHT="41" border="0"></A>
<BR CLEAR="all">
<SMALL>...<I>making Linux just a little more fun!</I></SMALL>
</TD><TD>
<center>
<BIG><BIG><STRONG><FONT COLOR="maroon">Mailbag</FONT></STRONG></BIG></BIG><BR>
<STRONG>From the Readers of <i>Linux Gazette</I></STRONG></BIG>
</TD></TR>
</TABLE>
<P>
<!-- END header -->
<center><p>
<STRONG>Submit general comments and <a href="http://www.linuxgazette.com/faq/author.html">articles</a> to <A HREF="mailto:gazette@ssc.com">The Editors of <i>Linux Gazette</I></A>.
<br>Send technical answers and Linux tips to <A HREF="mailto:linux-questions-only@ssc.com">The Answer Gang</A>.
</STRONG>
<br><em><font color="#7F0000">We make <b>no guarantees</b> about answers, but you can be <b>anonymous</b> on request.</font></em></p></center>
<!-- BEGIN wanted -->
<HR>
<center>
<BIG><STRONG><FONT COLOR="maroon">HELP WANTED: Article Ideas</FONT></STRONG></BIG>
</center><HR>
<UL>
<!-- index_text begins -->
<li><A HREF="#wanted/1"
><strong>This is re canon printer Bjc 250</strong></a>
<li><A HREF="#wanted/2"
><strong>Sendmail + Courier IMAP</strong></a>
<li><A HREF="#wanted/3"
><strong>Postfix ?</strong></a>
<li><A HREF="#wanted/4"
><strong>Ethernet errors, possible conflict?</strong></a>
<li><A HREF="#wanted/5"
><strong>Step by step multilink ppp dual modems?</strong></a>
<!-- index_text ends -->
</UL>
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<P> <A NAME="wanted/1"><HR WIDTH="75%" ALIGN="center"></A> <P>
<H3><IMG ALIGN=BOTTOM ALT="" SRC="../gx/envelope.gif">
<FONT COLOR="navy">This is re canon printer Bjc 250</FONT></H3>
Wed, 07 Aug 2002 15:41:58 -0300
<BR>Bessie Flanders (<a href="mailto:linux-questions-only@ssc.com?cc=flanders@ns.sympatico.ca&subject=%20Re%3A%20%5BLG%2082%5D%20help%20wanted%20%231%20prints%201st&20page%20as%20junk">flanders from ns.sympatico.ca</a>)
<P>
Every time I want it to print using the canon printer bjc 250 it sends out
a mostly blank piece of paper with some unreadable symbols at the topand
then the second sheet it will print as directed I have shut my scanner off
and it still does the same thing Thanks for your help in advance
</P>
<P>
bessie flanders
</P>
<blockquote><font color="#000066">Bessie, I'd say at first glance that the init string for the printer is
not quite right, but whatever it does between pages is, and needs to
be applied. Unfortunately without knowing which Linux based print setup
you're using, we can't go farther with that.
</font></blockquote>
<blockquote><font color="#000066">There's decent stuff out there for actually just getting the drivers in
(The Printing Howto at <A HREF="http://www.linuxprinting.org/howto/how.html"
>http://www.linuxprinting.org/howto/how.html</A> being
canonical) - but they are a tiny bit technical, mentioning buzzwords
and kernel parameters and so on. She seems to have gotten that far,
anyway. If you have a lively tale of your adventures in printer setup
and success, that you think would educate your fellow readers, especially
the newbies among us, then we'd love to see your artIcle.
-- Heather</font></blockquote>
<!-- end 1 -->
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<P> <A NAME="wanted/2"><HR WIDTH="75%" ALIGN="center"></A> <P>
<H3><IMG ALIGN=BOTTOM ALT="" SRC="../gx/envelope.gif">
<FONT COLOR="navy">Sendmail + Courier IMAP</FONT></H3>
Thu, 8 Aug 2002 16:49:15 +0800 (PHT)
<BR>Domingo Genaro P. Tamayo (<a href="mailto:linux-questions-only@ssc.com?cc=domeng@stii.dost.gov.ph&subject=%20Re%3A%20%5BLG%2082%5D%20help%20wanted%20%232%20sendmail%20and&20Courier">domeng from stii.dost.gov.ph</a>)
<P>
Hi! Good day.
</P>
<P>
I've been looking for a good documentation on configuring Sendmail +
Courier IMAP (with MailDir) but I can't find one. My server's specs:
</P>
<blockquote><code><font color="#000033"><br>Mandrake 8.2
<br>Sendmail 8.12
<br>Procmail 3.22
</font></code></blockquote>
<P>
Currently, I'm using the IMAP and POP server distributed with Mandrake. Im
using Postfix as my MTA before, but when I needed to use MailScanner
(<A HREF="http://www.mailscanner.info"
>http://www.mailscanner.info</A>) I have no choice but to use Sendmail.
I want to switch to Courier IMAP and make use of their MailDir feature and
MySQL auth, but I can't find a good tutorial or howto. I believe you can
help me with this one.
</P>
<P>
Thanks and more power
<br>Domingo Genaro P. Tamayo
</P>
<!-- end 2 -->
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<P> <A NAME="wanted/3"><HR WIDTH="75%" ALIGN="center"></A> <P>
<H3><IMG ALIGN=BOTTOM ALT="" SRC="../gx/envelope.gif">
<FONT COLOR="navy">Postfix ?</FONT></H3>
Sat, 20 Jul 2002 23:24:29 +0500
<BR>Shahid Ahmad (<a href="mailto:linux-questions-only@ssc.com?cc=shahid@laserint.com&subject=%20Re%3A%20%5BLG%2082%5D%20help%20wanted%20%233%20Postfix%20hates%20Outlook">shahid from laserint.com</a>)
<P>
Hi,
</P>
<P>
I have installed the Mandrake-Linux 8 and Postfix , all the thing run
smoothly on Linux machine
but whenever I try to get Email from my windows computer (Outlook Express) .
I get ther error message
</P>
<blockquote><pre>Your server has unexpectedly terminated the connection. Possible causes for
this include server problems, network problems, or a long period of
inactivity. Account: 'Root', Server: '192.0.0.2', Protocol: POP3, Port: 110,
Secure(SSL): No, Error Number: 0x800CCC0F
</pre></blockquote>
<P>
The NIC both of PC is working and also ping to eachother.
</P>
<P>
Please help me in this regard how to collect email from my Linux machine in
OutLook Express (win98 ) .
</P>
<P>
Thanks &amp; best regards.
<br>Shahid Ahmad.
</P>
<!-- end 3 -->
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<P> <A NAME="wanted/4"><HR WIDTH="75%" ALIGN="center"></A> <P>
<H3><IMG ALIGN=BOTTOM ALT="" SRC="../gx/envelope.gif">
<FONT COLOR="navy">Ethernet errors, possible conflict?</FONT></H3>
Sat, 27 Jul 2002 23:34:41 -0500
<BR>Matt Bradbury (<a href="mailto:linux-questions-only@ssc.com?cc=bradbury@rebeldev.net&subject=%20Re%3A%20%5BLG%2082%5D%20help%20wanted%20%234%20ping%20with%20ipmasq">bradbury from rebeldev.net</a>)
<P>
I have been searching everywhere for a possible cause to this little
problem. I have two LNE100tx Ethernet adapters in a Redhat Linux 7.1
machine with kernel version 2.4.9-34smp. Eth0 is hooked to a 100tx
switch and Eth1 to a Toshiba cable modem, both using cat5e cable with
very short runs. I use an iptables based firewall rule set to allow for
ip-masquerading. The inside interface works perfectly, and so far as
I've seen the outside interface actually works perfectly in spite of the
fact that ifconfig shows that I have 0 tx packets on that interface and
tons of errors. My real question is if these are true readings how can
I still ping this machine and receive responses without it transmitting
packets to the cable modem? I have included some relevant output from
ifconfig, iptables -L as I'm not sure that it's not a conflict in my
rule set, and ping output from another location. Any information on
this problem (even if it's just that the output of ifconfig is wrong)
would be greatly appreciated.
</P>
<P>
Ifconfig output:
</P>
<p align="center">See attached <tt><a href="misc/wanted/bradbury.ifconfig.txt">bradbury.ifconfig.txt</a></tt></p>
<P><CODE>
iptables -L output:
</CODE></P>
<p align="center">See attached <tt><a href="misc/wanted/bradbury.iptables.txt">bradbury.iptables.txt</a></tt></p>
<P><CODE>
ping output:
</CODE></P>
<p align="center">See attached <tt><a href="misc/wanted/bradbury.ping.txt">bradbury.ping.txt</a></tt></p>
<P>
Thanks in advance,
<BR>Matt Bradbury
</P>
<blockquote><font color="#000066">It used to be that you could be sure
<b>not</b> to be able to ping from behind IP masquerades. There's some
sign this has changed in 2.4. If anyone knows the gory details, let us
know how you do it. -- Heather</font></blockquote>
<!-- end 4 -->
<!-- . . . . . . . . . . . . . . . . . . . -->
<HR WIDTH="40%" ALIGN="center">
<H3><IMG ALIGN=BOTTOM ALT="" SRC="../gx/envelope.gif">
<FONT COLOR="navy">Step by step multilink ppp dual modems?</FONT></H3>
Wed, 21 Aug 2002 10:01:54 -0500 (COT)
<BR>John Karns (the <em>LG</em> Answer Gang)
<BR>Question by Barb & Charlie Wells (<a href="mailto:linux-questions-only@ssc.com?cc=welzgang@now2000.com&cc=jkarns@csd.net&subject=%20Re%3A%20%5BLG%2082%5D%20help%20wanted%20%235%20multilink">welzgang from now2000.com</a>)
<P><STRONG>
I have no problems finding references that multilink ppp dual modems are
possible in linux but for the life of me I can't find a step by step
guide how to set this up. I am a newbe using Mandrake 8.2 and would
really appreciate info on how to actually set my computer up for
multilink 56k modems. My ISP does provide this service.
</STRONG></P>
<P>
You will most likely need to re-configure and compile your kernel - you
will need to install the source pkg from your Mandrake installation CD's
if it's not already installed. I don't believe that that most distro
supplied kernels are configured for that. From the kernel confg help:
</P>
<TABLE WIDTH="95%" BORDER="1" BGCOLOR="#FFFFCC"><TR><TD>
<p align="center">...............</p>
<P><BLOCKQuote>
EQL (serial line load balancing) support
</BLOCKQuote></P>
<P>
CONFIG_EQUALIZER
</P>
<P>
If you have two serial connections to some other computer (this
usually requires two modems and two telephone lines) and you use
SLIP (the protocol for sending Internet traffic over telephone
lines) or PPP (a better SLIP) on them, you can make them behave like
one double speed connection using this driver. Naturally, this has
to be supported at the other end as well, either with a similar EQL
Linux driver or with a Livingston Portmaster 2e.
</P>
<P>
Say Y if you want this and read Documentation/networking/eql.txt.
You may also want to read section 6.2 of the NET-3-HOWTO, available
via FTP (user: anonymous) from
<A HREF="ftp://metalab.unc.edu/pub/Linux/docs/HOWTO"
>ftp://metalab.unc.edu/pub/Linux/docs/HOWTO</A>.
</P><p align="center">...............</p>
</TD></TR></TABLE>
<P>
Good luck
--
John Karns
</P>
<blockquote><font color="#000066">Anyone who can write an article about bonding multiple lines for
increased bandwidth - whether ethernet or modem lines are used --
is encouraged to send one in!
-- Heather</font></blockquote>
<!-- end 5 -->
<HR>
<center>
<BIG><STRONG><FONT COLOR="maroon">GENERAL MAIL</FONT></STRONG></BIG>
<BR>
</center><HR>
<UL>
<!-- index_text begins -->
<li><A HREF="#mailbag/1"
><strong>Re: article idea - making the minidistro</strong></a>
<li><A HREF="#mailbag/2"
><strong>Nigeria scam</strong></a>
<li><A HREF="#mailbag/3"
><strong>Sweet...</strong></a>
<li><A HREF="#mailbag/4"
><strong>END OF BODY complaint</strong></a>
<!-- index_text ends -->
</UL>
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<P> <A NAME="mailbag/1"><HR WIDTH="75%" ALIGN="center"></A> <P>
<H3><IMG ALIGN=BOTTOM ALT="" SRC="../gx/envelope.gif">
<FONT COLOR="navy">Re: article idea - making the minidistro</FONT></H3>
Mon, 5 Aug 2002 20:55:21 +0200
<BR>Lennart Benschop (<a href="mailto:gazette@ssc.com?subject=%20Re%3A%20%5BLG%2082%5D%20mailbag%20%231%20minidistro">l.benschop2 from chello.nl</a>)
<P>
How to make a minimal Linux system with uClibc and Busybox is described in an
article on my home page "Getting Linux into Small Machines". See
<A HREF="http://www.xs4all.nl/~lennartb/linux.html"
>http://www.xs4all.nl/~lennartb/linux.html</A>
</P>
<P>
Not a complete mini distro, but maybe a good starting point.
</P>
<P>
--
Lennart.
</P>
<blockquote><font color="#000066">One of our Answer Gang members is also plotting to write a bit of an
article about the LNX-BBC rescue minidisc. The rest of us are
encouraging him, so maybe you'll see something on that one at some point
too
<IMG SRC="../gx/dennis/smily.gif" ALT=":)"
height="24" width="20" align="middle">
-- Heather</font></blockquote>
<!-- end 1 -->
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<P> <A NAME="mailbag/2"><HR WIDTH="75%" ALIGN="center"></A> <P>
<H3><IMG ALIGN=BOTTOM ALT="" SRC="../gx/envelope.gif">
<FONT COLOR="navy">Nigeria scam</FONT></H3>
Fri, 16 Aug 2002 16:09:16 -0700
<BR>Mike Orr (<a href="mailto:gazette@ssc.com?subject=%20Re%3A%20%5BLG%2082%5D%20mailbag%20%232%20caught%20spammers">mso from ssc.com</a>)
<P><DL><DT>
A followup to the continuing Nigeria business scam spams we receive
every day (which are lampooned on the Back Page this issue as in most
other issues):
15 Nigerians were arrested in South Africa on money scam charges.
<DD><A HREF="http://news.bbc.co.uk/2/hi/africa/2198480.stm"
>http://news.bbc.co.uk/2/hi/africa/2198480.stm</A>
</DL></P>
<P>PS. The Gazette mailbox is still getting 10-20 of those critters
a day, often including several copies of the same e-mail.</P>
<!-- end 2 -->
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<P> <A NAME="mailbag/3"><HR WIDTH="75%" ALIGN="center"></A> <P>
<H3><IMG ALIGN=BOTTOM ALT="" SRC="../gx/envelope.gif">
<FONT COLOR="navy">Sweet...</FONT></H3>
Sun, 28 Jul 2002 22:45:20 -0400
<BR>Benjamin A. Okopnik (<i>LG</i> Contributing Editor)
<BR>Comment by Tim Chase (<a href="mailto:gazette@ssc.com?subject=%20Re%3A%20%5BLG%2082%5D%20mailbag%20%233%20sweet">gumnos from hotmail.com</a>)
<P><STRONG>
As a long time self-taught user of Linux/Unix/Ultrix (and several other
flavours), I've become addicted to such handy tools as vi, grep, sed, awk,
ctags, and the bazillion other little utilities that can be so artisticly
chained together to produce the desired results. I've stumbled across your
LG archives, and all I can say is "WOAH!" I'm going to have to find myself
a text-to-speech translator so I can read/listen-to all of this good stuff
whilst at work, because there's just so much in here. Thanks for such a
fabulous (and fun!) resource...
</STRONG></P>
<P>
Glad you're enjoying it, Tim. Given that you do have this broad range of
experience, you might want to give a thought to joining The Answer Gang;
as far as I'm concerned, it's the most fun part of LG. You don't have to
have all the answers... as long as you have a few, you can contribute.
Take a look at:
</P>
<P><BLOCKQuote>
<A HREF="../tag/members-faq.html"
>http://www.linuxgazette.com/tag/members-faq.html</A>
</BLOCKQuote></P>
<P>
Ben Okopnik
</P>
<!-- end 3 -->
<!-- . . . . . . . . . . . . . . . . . . . -->
<HR WIDTH="40%" ALIGN="center">
<H3><IMG ALIGN=BOTTOM ALT="" SRC="../gx/envelope.gif">
<FONT COLOR="navy">END OF BODY complaint</FONT></H3>
Wed, 21 Aug 2002 10:12:28 -0700
<BR>Mike Orr (<a href="mailto:gazette@ssc.com?subject=%20Re%3A%20%5BLG%2082%5D%20mailbag%20%234%20klez%20side%20effects"><em>Linux Gazette</em> Editor</a>)
<BLOCKQUOTE>
<STRONG>
On Wed, Aug 21, 2002 at 08:19:40AM -0400, Mxxxxxxx Gxxxxx wrote:
Please remove me from your list
</STRONG>
<Pre><STRONG>
-----Original Message-----
From: gazette [mailto:gazette@ssc.com]
Sent: Tuesday, August 20, 2002 9:47 PM
To: xxxxxxxxx@xxxxx.com
Subject: END OF BODY
</STRONG></Pre>
</BLOCKQUOTE>
<P>
<B>Mxxxxx@xxxxxxxx.com</B> is not on any of our mailing lists.
</P>
<P>
The unusual Subject: line and From: line suggest you received a message
from a Klez worm/virus. Klez operates by choosing a To: address and a From:
address randomly from the user's Microsoft Outlook address book. In other
words, it comes from someplace completely different than where it claims to
have come from. If you know anybody who uses Outlook and has both your address
and LG's in their addressbook, you can warn them. Or if you have the
original message, you can tell from its Received: headers which domain it
came from. If you want to send me the headers, I can show you how to verify
whether it's Klez and what the originating domain is.
</P>
<P>
Usually Klez messages come with a binary attachment, but sometimes the program
goofs and sends only a one-liner. Of course, you don't ever want to run -- or
let your computer automatically run -- a binary attachment from somebody you
don't know, because that's how viruses and worms spread. Klez in particular
also tries to disguise the attachment so it looks like a different type than
it is. For instance, it can disguise an executable program as a sound file,
which tricks certain versions of Windows into executing it.
</P>
<P>
More information is at <A HREF="../issue78/lg_backpage.html#klez"
>http://www.linuxgazette.com/issue78/lg_backpage.html#klez</A>
</P>
<!-- end 4 -->
<HR>
<center>
<BIG><STRONG><FONT COLOR="maroon">GAZETTE MATTERS</FONT></STRONG></BIG>
<BR>
</center><HR>
<UL>
<!-- index_text begins -->
<li><A HREF="#gaz/1"
><strong>Advertising in LG</strong></a>
<li><A HREF="#gaz/2"
><strong>mailbag question</strong></a>
<!-- index_text ends -->
</UL>
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<P> <A NAME="gaz/1"><HR WIDTH="75%" ALIGN="center"></A> <P>
<H3><IMG ALIGN=BOTTOM ALT="" SRC="../gx/envelope.gif">
<FONT COLOR="navy">Advertising in LG</FONT></H3>
Wed, 31 Jul 2002 13:21:32 -0700
<BR>Mike Orr (<a href="mailto:gazette@ssc.com?subject=%20Re%3A%20%5BLG%2082%5D%20gazette%20matters%20%231%20ads"><em>Linux Gazette</em> Editor</a>)
<P><STRONG>
We are looking to contact some Linux websites and The Linux Gazette was
recommended to me. Pls fwd me your editorial contact name and phone number,
so that we may speak with him/her about promotional vehicles via the Linux
Gazette website.
</STRONG></P>
<P>
I am the Editor. The LG site does not accept advertising or the usual
"promotional vehicles". However, we do have a sponsorship program which
can get your company logo on the home page. Contact <A HREF="mailto:sponsor@ssc.com"
>sponsor@ssc.com</A> if
you're interested.
</P>
<P>
We publish announcements about Linux-related products and services in the
News Bytes column. Send a short summary (1-2 paragraphs) in text format,
along with a link to your site, to <A HREF="mailto:gazette@ssc.com"
>gazette@ssc.com</A>. The information
should be targeted to a consumer, not an investor.
</P>
<!-- end 1 -->
<!-- . . . . . . . . . . . . . . . . . . . -->
<HR WIDTH="40%" ALIGN="center">
<H3><IMG ALIGN=BOTTOM ALT="" SRC="../gx/envelope.gif">
<FONT COLOR="navy">mailbag question</FONT></H3>
Fri, 2 Aug 2002 12:09:47 -0400
<BR>Jay R. Ashworth (The <i>LG</i> Answer Gang) and Heather Stern (<i>LG</i> Technical Editor)
<br>Question From dexter (<a href="mailto:gazette@ssc.com?subject=%20Re%3A%20%5BLG%2082%5D%20gazette%20matters%20%232%20chime%20in">dexter from chux.org</a>)
<P><STRONG><BLOCKQuote>
In the 'mailbag' of the 'linux gazette' there was someone
(without e-mailadress) who had a question about running
a Linux server behind a w2k ICS server (Linux terminal
services server can't connect to internet via network)
Now I was wondering, should whoever reads this and
know a solution or more details then he/she does e-mail
to this adress so it'll come in the next mailbag? Is
that how this works? If so, I'd like to reply (very much)
</BLOCKQuote></STRONG></P>
<P>
I'm not entirely sure of that... but they're the same crew, (of people
mangling the replies) so if you know something, I'd say shoot.
</P>
<P>
Cheers,
-- jra
</P>
<p><em>If you have an answer to someone who requested anonymity, you
can always send your message to
<a href="mailto:linux-questions-only@ssc.com"
>linux-questions-only@ssc.com</a> with a subject indicating which
issue and question it's for, and we'll publish it in 2 Cent Tips
or The Answer Gang if appropriate. Probably we'll forward it, but
it's possible we'd just let the reader find it in the next issue.
-- Heather</em></p>
<!-- end 2 -->
<!-- *** BEGIN copyright *** -->
<hr>
<CENTER><SMALL><STRONG>
<h5>This page edited and maintained by the Editors of <I>Linux Gazette</I><br>HTML script maintained by <A HREF="mailto:star@starshine.org">Heather Stern</a> of Starshine Technical Services, <A HREF="http://www.starshine.org/">http://www.starshine.org/</A>
<br>Copyright &copy; 2002
<br>Copying license <A HREF="http://www.linuxgazette.com/copying.html">http://www.linuxgazette.com/copying.html</A>
<BR>Published in Issue 82 of <i>Linux Gazette</i>, September 2002</H5>
</STRONG></SMALL></CENTER>
<!-- *** END copyright *** -->
<HR>
<TABLE width="100%" BORDER><TR><TD WIDTH="200">
<A HREF="http://www.linuxgazette.com/">
<IMG ALT="LINUX GAZETTE" SRC="../gx/2002/lglogo_200x41.png"
WIDTH="200" HEIGHT="41" border="0"></A>
<BR CLEAR="all">
<SMALL>...<I>making Linux just a little more fun!</I></SMALL>
</TD><TD>
<center>
<BIG><BIG><STRONG><FONT COLOR="maroon">More 2&cent; Tips!</FONT></STRONG></BIG></BIG><BR>
<!-- BEGIN tips -->
<STRONG>By <A HREF="mailto:linux-questions-only@ssc.com">The Readers of <i>Linux Gazette</I></A></STRONG></BIG>
</TD></TR>
</TABLE>
<P>
<!-- END header -->
<center><STRONG>See also: The Answer Gang's
<a href="../tag/kb.html">Knowledge Base</a>
and the <i>LG</i>
<a href="http://www.linuxgazette.com/search.html">Search Engine</a></STRONG>
</center><HR>
<UL>
<!-- index_text begins -->
<li><A HREF="#tips/1"
><strong>Linux 2.4.18 + via82cxxx_audio + uart401 = no midi?</strong></a>
<li><A HREF="#tips/2"
><strong>stupid bash tricks #1977 -- programmable completion</strong></a>
<li><A HREF="#tips/3"
><strong>packets</strong></a>
<li><A HREF="#tips/4"
><strong>USB sync</strong></a>
<li><A HREF="#tips/5"
><strong>Deleted force user account, now no access</strong></a>
<li><A HREF="#tips/6"
><strong>AT&T Broadband</strong></a>
<li><A HREF="#tips/7"
><strong>diald</strong></a>
<li><A HREF="#tips/8"
><strong>Fried MBR</strong></a>
<li><A HREF="#tips/9"
><strong>FTP question</strong></a>
<li><A HREF="#tips/10"
><strong>hmorous rant</strong></a>
<li><A HREF="#tips/11"
><strong>Win2k and squid</strong></a>
<!-- index_text ends -->
</UL>
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<P> <A NAME="tips/1"><HR WIDTH="75%" ALIGN="center"></A> <P>
<H3><IMG ALIGN=BOTTOM ALT="" SRC="../gx/lil2cent.gif">
<FONT COLOR="navy">Linux 2.4.18 + via82cxxx_audio + uart401 = no midi?</FONT></H3>
Fri, 02 Aug 2002 10:13:58 -0600
<BR>bgeer (<a href="mailto:linux-questions-only@ssc.com?cc=bgeer@xmission.com&subject=%20Re%3A%20%5BLG%2082%5D%202c%20Tips%20%231%20%20no%20midi">bgeer from xmission.com</a>)
<br>Answers By Robos, Ben Okopnik
<P><STRONG>
Hi Gang,
</STRONG></P>
<BLOCKQUOTE>
[Robos]
Hi bgeer (not gbeer
<IMG SRC="../gx/dennis/smily.gif" ALT=";-)"
height="24" width="20" align="middle"> ?)
</BLOCKQUOTE>
<P><STRONG>
I'm desperate. So far I've researched
<TT>/usr/src/linux-2.4.18/Documentation/sound/*</TT>, HOWTO's, mini-HOWTO's,
google, google groups, &amp; posted 2 pleas for help to
comp.os.linux.hardware. No help so far.
</STRONG></P>
<P><STRONG>
I recently installed 2.4.18. I've got 99% of the stuff I want/need
working including sound, but no midi. wav's &amp; au's play fine, mp3's
play [but with a high freq. squeal].
</STRONG></P>
<P><STRONG>
... timidity 2.11.3 &amp; playmidi 2.4 <EM>act</EM> like they play, but no sound.
</STRONG></P>
<BLOCKQUOTE>
[Robos]
IIRC I had some probs playing stuff that wasn't the right sample-rate
(not midi, mind you), meaning 48kHz did play and 44100 not or other
way around. Maybe thats where the problem lies.
If noone else here can help you I can recommend debianhelp.org, maybe
your last chance
<IMG SRC="../gx/dennis/smily.gif" ALT=";-)"
height="24" width="20" align="middle">
</BLOCKQUOTE>
<BLOCKQUOTE>
[Ben]
That's very interesting - considering that they use completely different
methods and even different devices. "Timidity" actually doesn't use the
MIDI system (I don't remember whether it's "<TT>/dev/audio</TT>" or "<TT>/dev/dsp</TT>").
You can test these with
</BLOCKQUOTE>
<blockquote><pre>cat /etc/motd &gt; /dev/audio
cat /etc/motd &gt; /dev/dsp
</pre></blockquote>
<BLOCKQUOTE>
This should produce short bursts of noise for each device; if it
doesn't, you need to look into why that device isn't working.
</BLOCKQUOTE>
<BLOCKQUOTE>
BTW, have you looked at your volume settings? Do realize that there are
different ones for different devices, and the relevant ones for what
you're doing may be turned way down.
</BLOCKQUOTE>
<P><STRONG><CODE>
lsmod shows:
</CODE></STRONG></P>
<pre><strong> via82cxxx_audio 18200 0
uart401 6340 0 [via82cxxx_audio]
ac97_codec 9640 0 [via82cxxx_audio]
sound 54764 0 [via82cxxx_audio uart401]
soundcore 3556 5 [via82cxxx_audio sound]
</strong></pre>
<P><STRONG>
are loaded &amp; dmesg shows:
</STRONG></P>
<pre><strong> via686a.o version 2.6.3 (20020322)
Via 686a audio driver 1.9.1
PCI: Found IRQ 5 for device 00:07.5
ac97_codec: AC97 Audio codec, id: 0x4943:0x4511 (ICE1232)
via82cxxx: board #1 at 0xDC00, IRQ 5
Enabled Via MIDI
</strong></pre>
<P><STRONG>
where "Enabled Via MIDI" comes from via82cxxx_audio.o after a
successful call to <TT> probe_uart401()</TT> in uart401.o.
</STRONG></P>
<BLOCKQUOTE>
[Ben]
How about "cat <TT>/dev/sndstat</TT>"? It's not an indicator of anything special
if it says "No such device", but it can be a source of useful info
otherwise.
</BLOCKQUOTE>
<P><STRONG>
My ma'boards are Epox 8kta2 &amp; Asus K7V. The Asus successfully played
a midi using Winblows, tho I hate admitting booting it. My Epox is so
far unpoluted by such evil.
</STRONG></P>
<P><STRONG>
Much obliged for any help...Bob
</STRONG></P>
<!-- end 1 -->
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<P> <A NAME="tips/2"><HR WIDTH="75%" ALIGN="center"></A> <P>
<H3><IMG ALIGN=BOTTOM ALT="" SRC="../gx/lil2cent.gif">
<FONT COLOR="navy">stupid bash tricks #1977 -- programmable completion</FONT></H3>
Sun, 04 Aug 2002 00:18:57 -0700
<BR>Adam Monsen (<a href="mailto:linux-questions-only@ssc.com?cc=adamm@wazamatta.com&subject=%20Re%3A%20%5BLG%2082%5D%202c%20Tips%20%232%20%20completion">adamm from wazamatta.com</a>)
<P>
If you use bash -- especially tab-completion -- you'll love this feature.
</P>
<P>
First, see (<A HREF="http://rpm.pbone.net/index.php3?idpa=317091&idpl=317091&stat=4&search=bash-completion"
>http://rpm.pbone.net/index.php3?idpa=317091&idpl=317091&stat=4&search=bash-completion</A>).
Tarballs and RPMs are available to power up programmable completion for
your bash shell.
</P>
<P>
Once you install the software, try stuff like this ("&lt;TAB&gt;" literally
means "hit the tab button"):
</P>
<blockquote><pre>$ find -user &lt;TAB&gt;&lt;TAB&gt;
$ find -gid &lt;TAB&gt;&lt;TAB&gt;
$ rpm -e &lt;TAB&gt;&lt;TAB&gt;
$ killall &lt;TAB&gt;&lt;TAB&gt;
$ grep --&lt;TAB&gt;&lt;TAB&gt;
$ cvs &lt;TAB&gt;&lt;TAB&gt;
$ mount &lt;TAB&gt;&lt;TAB&gt;
$ kill -&lt;TAB&gt;&lt;TAB&gt;
$ kill -HUP &lt;TAB&gt;&lt;TAB&gt;
$ ssh adamm@&lt;TAB&gt;&lt;TAB&gt;
</pre></blockquote>
<P>
This last one should work without installing software.
</P>
<P>
The concept is simple but handy. Completion functions define what
arguments are useful to complete certain commands. Enjoy!
</P>
<P>
-Adam Monsen
</P>
<blockquote><font color="#1F1F1F">I use "bash_completion" and love the thing - after one small fix.
<IMG SRC="../gx/dennis/smily.gif" ALT=":)"
height="24" width="20" align="middle"> By
default, "ping" (and "fping") complete on the contents of
~/.ssh/known_hosts, which I find a little strange. It should complete on
the contents of "/etc/hosts" instead. Fortunately, local definitions
(anything in "/etc/bash_completion.d") overrides the defaults, so:
-- Ben</font></blockquote>
<p align="center">See attached <tt><a href="misc/tips/ping-complete.bash.txt">ping-complete.bash.txt</a></tt></p>
<blockquote><font color="#1F1F1F">Now, life is good.
<IMG SRC="../gx/dennis/smily.gif" ALT=":)"
height="24" width="20" align="middle"> (I've also notified the author.)
-- Ben</font></blockquote>
<!-- end 2 -->
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<P> <A NAME="tips/3"><HR WIDTH="75%" ALIGN="center"></A> <P>
<H3><IMG ALIGN=BOTTOM ALT="" SRC="../gx/lil2cent.gif">
<FONT COLOR="navy">packets</FONT></H3>
Fri, 26 Jul 2002 01:20:26 -0700 (PDT)
<BR>parth mehta (<a href="mailto:linux-questions-only@ssc.com?cc=parth_mehta@yahoo.com&subject=%20Re%3A%20%5BLG%2082%5D%202c%20Tips%20%233%20%20data%20packets">parth_mehta from yahoo.com</a>)
<br>Answers By Pradeep Padala, N N Ashok
<!-- sig -->
<!-- sig -->
<P><STRONG>
hi,
</STRONG></P>
<P><STRONG>
i came to know abt this site from a friend &amp; i
need some help of yours.
</STRONG></P>
<P><STRONG>
can u tell me how the data packets are sent from
one pc to other in a LAN. in other words about the tcp
ip in linux. lastly if u have any code in c or cpp to
do this job.
</STRONG></P>
<P><STRONG>
waiting for yuour reply.
</STRONG></P>
<P><STRONG>
parth
</STRONG></P>
<BLOCKQUOTE>
[Pradeep]
That's quite a broad question. Gurus like Richard Stevens, Douglas E
Comer wrote atleast three volumes each on this topic. I suggest you read
Richar Stevens' "UNIX Network Programming" book.
</BLOCKQUOTE>
<BLOCKQUOTE>
If you want to know about socket programming(I guess that's what you mean
by c code), there are plenty of articles on web. Google.com is the best place
to search. This is one of the articles I found:
</BLOCKQUOTE>
<BLOCKQUOTE><BLOCKQuote>
<A HREF="http://www.scit.wlv.ac.uk/~jphb/comms/sockets.html"
>http://www.scit.wlv.ac.uk/~jphb/comms/sockets.html</A>
</BLOCKQuote></BLOCKQUOTE>
<BLOCKQUOTE>
There's a TCP/IP resource list on faqs.org:
</BLOCKQUOTE>
<BLOCKQUOTE><BLOCKQuote>
<A HREF="http://www.faqs.org/faqs/internet/tcp-ip/resource-list"
>http://www.faqs.org/faqs/internet/tcp-ip/resource-list</A>
</BLOCKQuote></BLOCKQUOTE>
<BLOCKQUOTE>
If you want to learn how TCP/IP implementation in Linux, best way to do is
to look through source which can be browsed online at <A HREF="http://lxr.linux.no"
>http://lxr.linux.no</A>.
Apart from that, the following document can give you some info:
</BLOCKQUOTE>
<BLOCKQUOTE><BLOCKQuote>
<A HREF="http://www.cs.unh.edu/cnrg/gherrin"
>http://www.cs.unh.edu/cnrg/gherrin</A>
</BLOCKQuote></BLOCKQUOTE>
<BLOCKQUOTE>
[Ashok]
You can look at these links (on Kernel Korner in LG) that I found very
useful in tracing the journey of a packet in Linux:
</BLOCKQUOTE>
<BLOCKQUOTE><BLOCKQuote>
<A HREF="http://www.linuxjournal.com/article.php?sid=4852"
>http://www.linuxjournal.com/article.php?sid=4852</A>
<A HREF="http://www.linuxjournal.com/article.php?sid=5617"
>http://www.linuxjournal.com/article.php?sid=5617</A>
</BLOCKQuote></BLOCKQUOTE>
<BLOCKQUOTE>
Though the article mentiones packet filter it gives a very good overview
of the networking code.
</BLOCKQUOTE>
<!-- end 3 -->
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<P> <A NAME="tips/4"><HR WIDTH="75%" ALIGN="center"></A> <P>
<H3><IMG ALIGN=BOTTOM ALT="" SRC="../gx/lil2cent.gif">
<FONT COLOR="navy">USB sync</FONT></H3>
Tue, 6 Aug 2002 00:31:27 -0700 (PDT)
<BR>Jason Dagit (<a href="mailto:linux-questions-only@ssc.com?cc=dagit@engr.orst.edu&subject=%20Re%3A%20%5BLG%2082%5D%202c%20Tips%20%234%20%20USB%20sync">dagit from engr.orst.edu</a>)
<br>Answers By Ben Okopnik
<!-- sig -->
<!-- sig -->
<P>
I found this on the web
</P>
<P><STRONG><FONT COLOR="#000099"><EM>
[<A HREF="../issue76/lg_tips.html#tips/16"
>http://www.linuxgazette.com/issue76/lg_tips.html#tips/16</A>]
Today, the curiosity bug bit me again, so I poked my nose into the Linux
Visor USB mailing list, and - lo and behold - there it was. Seems that the
new version of "coldsync", at least the beta, now handles the m125! I
downloaded it, configured it, compiled it, made a config file - and...
ta-daa! Palm USB synchronization, under Linux.
</EM></FONT></STRONG></P>
<P><STRONG><FONT COLOR="#000099"><EM>
Life is good.
<IMG SRC="../gx/dennis/smily.gif" ALT=":)"
height="24" width="20" align="middle">
</EM></FONT></STRONG></P>
<P><STRONG>
I have an m130, and I can't get it to sync. Can you send me your config
file and the version of coldsync you use?
</STRONG></P>
<P><STRONG>
I setup <TT>/dev/ttyUSB0</TT> and <TT>/dev/ttyUSB1</TT>, and put this in my config file:
</STRONG></P>
<p align="center">See attached <tt><a href="misc/tips/jason.coldsync-config-that-does-not-work.txt">jason.coldsync-config-that-does-not-work.txt</a></tt></p>
<P><STRONG>
Which gives the following output:
</STRONG></P>
<p align="center">See attached <tt><a href="misc/tips/jason.coldsync-complaints.txt">jason.coldsync-complaints.txt</a></tt></p>
<P><STRONG>
Any ideas?
</STRONG></P>
<P><STRONG>
Thanks,
<BR>Jason
</STRONG></P>
<BLOCKQUOTE>
[Ben]
I assume that you have "usbcore", "usb-uhci", "usbserial", and "visor"
modules loaded, or the equivalent kernel options compiled in - yes? I'm
running "coldsync" v2.2.5 my "~/.coldsyncrc" looks like this:
</BLOCKQUOTE>
<p align="center">See attached <tt><a href="misc/tips/ben.dot-coldsyncrc.txt">ben.dot-coldsyncrc.txt</a></tt></p>
<BLOCKQUOTE>
Obviously, you'll need to have the appropriate username and userid.
Other than that, the only assumption that we're making here is that the
130 works the same way as a 125 - not an unreasonable assumption, but
worth checking if things don't work out.
</BLOCKQUOTE>
<P><STRONG>
Ok, thanks, I should probably contact the coldsync crew at this point.
If I'm doing something wrong then it is a problem with the documentation.
</STRONG></P>
<P><STRONG>
Thanks much,
<BR>Jason
</STRONG></P>
<!-- end 4 -->
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<P> <A NAME="tips/5"><HR WIDTH="75%" ALIGN="center"></A> <P>
<H3><IMG ALIGN=BOTTOM ALT="" SRC="../gx/lil2cent.gif">
<FONT COLOR="navy">Deleted force user account, now no access</FONT></H3>
Mon, 19 Aug 2002 09:07:44 -0500
<BR>Mark Goede (<a href="mailto:linux-questions-only@ssc.com?cc=markgoede@centurytel.net&subject=%20Re%3A%20%5BLG%2082%5D%202c%20Tips%20%235%20%20deleted%20forceuser">markgoede from centurytel.net</a>)
<br>Answers By Jay R. Ashworth, Matthias Posseldt
<!-- sig -->
<!-- sig -->
<blockquote><font color="#000066">We had to get rid of the quoted printable effect,
<EM>and</EM> I had to toss out the HTML attachment. So here's an extra Penny
for the tips: <A HREF="http://expita.com/nomime.html"
>http://expita.com/nomime.html</A> lists instructions for
turning some of that croft <EM>off</EM> so you don't waste bits while emailing.
-- Heather</font></blockquote>
<P><STRONG>
Have a public share account for 8 different Win machines connecting to
a RH6.2 server.
</STRONG></P>
<P><STRONG>
The samba share for the [public] sectiion listed "force users =ftp"
</STRONG></P>
<P><STRONG>
The ftp account was mistakenly deleted, I recreated the ftp account, but
when any user tries to access
the executable files in the public share, they get access violations.
</STRONG></P>
<P><STRONG>
Is there something further that I need to setup for user ftp?
</STRONG></P>
<P><STRONG>
Mark Goede
</STRONG></P>
<BLOCKQUOTE>
[jra]
No, but i'd bet you lunch that you didn't get it re-created with the
right UID. Do an ls -l in the directory in question. If you get a
bunch of files owned by "#14", that's your problem. I'd just change
the number in the passwd file, myself.
</BLOCKQUOTE>
<BLOCKQUOTE>
My RedHat pw file entry is
</BLOCKQUOTE>
<blockquote><pre>ftp:x:14:50:FTP User:/home/ftp:
</pre></blockquote>
<BLOCKQUOTE>
Cheers.
</BLOCKQUOTE>
<BLOCKQUOTE>
[Matthias]
The UID of the new ftp account has to match the old one. So if you created
a new user with useradd ftp and no '-u &lt;nr&gt;" parameter, you have to change
either
</BLOCKQUOTE>
<blockQuote><ol>
<LI>The UID of the account ftp
<LI>The Linux owner of the files in the public share, for instance with
"chown ftp.ftp -R /mnt/samba/public/*".
</ol></blockQuote>
<BLOCKQUOTE>
Ciao
</BLOCKQUOTE>
<!-- end 5 -->
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<P> <A NAME="tips/6"><HR WIDTH="75%" ALIGN="center"></A> <P>
<H3><IMG ALIGN=BOTTOM ALT="" SRC="../gx/lil2cent.gif">
<FONT COLOR="navy">AT&T Broadband</FONT></H3>
Tue, 30 Jul 2002 19:50:59 -0700
<BR>Christian Jackson (<a href="mailto:linux-questions-only@ssc.com?cc=cjsredvelvet@attbi.com&subject=%20Re%3A%20%5BLG%2082%5D%202c%20Tips%20%236%20%20att%20cablemodem">cjsredvelvet from attbi.com</a>)
<br>Answers By N N Ashok, Faber Fedor
<blockquote><font color="#000066">Having an HTML attachment on this added an amazing 140 lines of text I
had to snip. Ugh. While this reader originally referred to
<A HREF="../issue77/lg_tips.html#tips/8"
>[LG 77] 2c Tips #8 dhcp</a>
(maybe they guessed that DHCP is part of the answer?)... there's really
nothing back there specific to AT&amp;T's cablemodems.
-- Heather</font></blockquote>
<P><STRONG>
I have RHL 7.2 on a dual-boot with Win2K running on AT&amp;T Broadband. How
do I set up internet connection in RH? I have search various forums and
come up with no answer.
</STRONG></P>
<P><STRONG>
Please Help,
</STRONG></P>
<P><STRONG>
Christian
</STRONG></P>
<BLOCKQUOTE>
[Ashok]
To configure the internet connection in RH...
</BLOCKQUOTE>
<BLOCKQUOTE>
[Faber]
As with most (all?) things Linux, there are a couple of ways to do it.
Linuxconf will do it, so will internet-druid. IIRC, there is something
on the Control Panel that does that as well.
</BLOCKQUOTE>
<BLOCKQUOTE>
[Ashok]
...you just have to set the
interface connected to your cable modem (say eth0) to use DHCP (AT&amp;T has
stopped giving static IP i think).
</BLOCKQUOTE>
<BLOCKQUOTE>
[Faber]
Once you do that and type (as root) "ifdown eth0 ; ifup
eth0" (or, since you're a Windows user, you can reboot the machine
<IMG SRC="../gx/dennis/smily.gif" ALT=":-)"
height="24" width="20" align="middle">,
</BLOCKQUOTE>
<BLOCKQUOTE>
[Ashok]
I am using RH7.3 as I type this mail with the following config for my eth0
interface which is connected to the cable modem:
</BLOCKQUOTE>
<blockquote><pre>[nnashok@ashoknn-gw nnashok]$ cat /etc/sysconfig/network-scripts/ifcfg-eth0
</pre></blockquote>
<p align="center">See attached <tt><a href="misc/tips/ashok.etc.sysconfig.network-scripts.ifcfg-eth0.txt">ashok.etc.sysconfig.network-scripts.ifcfg-eth0.txt</a></tt></p>
<blockquote><pre>[nnashok@ashoknn-gw nnashok]$
</pre></blockquote>
<BLOCKQUOTE>
But one thing I have not confirmed is if we can directly use Linux
before installing the software given by AT&amp;T on Windows. If you have
already installed the software and are able to access the net, then above
config should work.
</BLOCKQUOTE>
<BLOCKQUOTE>
[Faber]
you then fire up a web broswer, type
"<A HREF="http://www.linuzgazette.com"
>http://www.linuzgazette.com</A>" and start reading.
<IMG SRC="../gx/dennis/smily.gif" ALT=":-)"
height="24" width="20" align="middle">
</BLOCKQUOTE>
<!-- end 6 -->
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<P> <A NAME="tips/7"><HR WIDTH="75%" ALIGN="center"></A> <P>
<H3><IMG ALIGN=BOTTOM ALT="" SRC="../gx/lil2cent.gif">
<FONT COLOR="navy">diald</FONT></H3>
Thu, 1 Aug 2002 19:20:55 -0500
<BR>Shane Simmons (<a href="mailto:linux-questions-only@ssc.com?cc=regeya@earthlink.net&subject=%20Re%3A%20%5BLG%2082%5D%202c%20Tips%20%237%20%20diald">regeya from earthlink.net</a>)
<!-- sig -->
<!-- sig -->
<blockquote><font color="#000066">Shane is responding to
<A HREF="../issue81/lg_tips.html#tips/6"
>[LG 81] 2c Tips #6</a>
-- Heather</font></blockquote>
<P>
Two other things to check:
</P>
<blockQuote><ul>
<LI>make sure diald is changing the default route
after diald starts up. If it's not, traffic is going through sl0 -- which
can be, well, slow. ;-D
<LI>check out pppd's built-in demand dialing. I've used
it on Debian (a cinch to set up! :-D) and have used the same setup on a
Gentoo system (don't ask me how I got all the distfiles AND use a dialup
connection; I have my ways ;-D)
</ul></blockQuote>
<!-- end 7 -->
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<P> <A NAME="tips/8"><HR WIDTH="75%" ALIGN="center"></A> <P>
<H3><IMG ALIGN=BOTTOM ALT="" SRC="../gx/lil2cent.gif">
<FONT COLOR="navy">Fried MBR</FONT></H3>
Fri, 9 Aug 2002 11:52:16 -0400
<BR>reddy vishal (<a href="mailto:linux-questions-only@ssc.com?cc=vishal_saireddy@yahoo.com&subject=%20Re%3A%20%5BLG%2082%5D%202c%20Tips%20%238%20%20fried%20MBR">vishal_saireddy from yahoo.com</a>)
<br>Answers By Ben Okopnik, Heather Stern
<!-- sig -->
<!-- sig -->
<blockquote><font color="#000066">For some reason I can't look at this message's subject without wondering
whether a fried MBR needs special oil or tastes especially good with
garlic. Oh well
<IMG SRC="../gx/dennis/smily.gif" ALT=":)"
height="24" width="20" align="middle">
-- Heather</font></blockquote>
<blockquote><font color="#CC33CC">Maybe it goes good with
<A HREF="../issue67/lg_backpage.html#wacko">rhubarb</A>.
-- Iron</font></blockquote>
<P><STRONG>
I am a novice linux enthusiast. i had a fried mbr some
time back and read your article in linux gazzette.
Clearing out the mbr worked fine. I only installed
windows 2000 after clearing the mbr.
</STRONG></P>
<P><STRONG>
But i am running into a problem now, when i try to
install linux again. I have used RedHat linux 7.2 the
first time ( when i damaged the mbr)...
</STRONG></P>
<BLOCKQUOTE>
[Ben]
The MBR isn't something you can really "damage"; it's just some bytes on
the first sector of the HD. Clearing it out pretty much puts paid to the
problem; there isn't anything that can be left over to cause later
problems.
</BLOCKQUOTE>
<P><STRONG>
...and it installed
without any problem. But this time, as i try to create
the partitions, it is not able to create the partition
and pops up a message asking if i want to clear every
thing in the hard disk.
</STRONG></P>
<P><STRONG>
I am using a 20GB seagate hard disk. If this problem
cant be rectified with the present hard disk, i am
willing to install a fresh separate hard disk for
linux. it appears that having both windows and linux
on the same hard disk is always causing problems.
please tell me how to go about installing a second
hard disk and loading linux on it, assuming that i
already have one hard disk that is currently running
windows 2000.
</STRONG></P>
<P><STRONG>
Please advice. I hope i have made my problem clear.
</STRONG></P>
<P><STRONG>
Thanks again.
<BR>Vishal
</STRONG></P>
<BLOCKQUOTE>
[Ben]
I can't really say what the current problem is, since you've
given minimum detail here... could I get you to report the exact message
that you see? I've never been a particular fan of DiskDruid (the
partitioning software used by RedHat's install), and automatically jump
to "fdisk" (or "cfdisk", for preference, if it's available) in case of
any partitioning problems.
</BLOCKQUOTE>
<BLOCKQUOTE>
Out of curiosity, do you have any available partitions for your Linux
installation? You can't just slap in another OS; if you only have one
partition (the one where Wind*ws is installed), then I can see a
situation where you would be asked to "clear the hard disk". If you need
to shrink your Wind*ws partition to make room for Linux, take a look at
FIPS (a quick Net search will bring it up.)
</BLOCKQUOTE>
<blockquote><font color="#000066">Or use a flavor of Linux that prefers to live in a FAT filesystem -
either using UMSDOS or a giant file to be loopback mounted. I believe
Phatlinux and BigSlack are likely candidates, but I've never used
either, so I can't say more.
</font></blockquote>
<blockquote><font color="#000066">Note that FIPS can only tweak FAT filesystems and its author isn't
updating it (since he's busy working on a Ph.D), while GNU parted
can also tweak ext2, and reiser filesystems. I think it can do ext3,
or you might have to turn off the journals first so it's ext2 again.
Anyways there's a floppy rescue-disk that contains parted:
<A HREF="http://paud.sourceforge.net"
>http://paud.sourceforge.net</A>
-- Heather</font></blockquote>
<P><STRONG>
Thanks Ben and TAG;
</STRONG></P>
<P><STRONG>
I have used fdisk this time for partitioning the free
space on the disk and have been able to successfully
make partitions and install the OS. Thanks a lot once
again.
</STRONG></P>
<P><STRONG>
Vishal
</STRONG></P>
<BLOCKQUOTE>
[Ben]
You're welcome - glad you found it helpful!
</BLOCKQUOTE>
<!-- end 8 -->
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<P> <A NAME="tips/9"><HR WIDTH="75%" ALIGN="center"></A> <P>
<H3><IMG ALIGN=BOTTOM ALT="" SRC="../gx/lil2cent.gif">
<FONT COLOR="navy">FTP question</FONT></H3>
Tue, 20 Aug 2002 15:02:40 -0400
<BR>Matt_E._Dinger (<a href="mailto:linux-questions-only@ssc.com?cc=linux-questions-only@ssc.com&cc=Matt_E._Dinger@hud.gov&subject=%20Re%3A%20%5BLG%2082%5D%202c%20Tips%20%239%20%20ftp%20newline%20conversion">Matt_E._Dinger from hud.gov</a>)
<BR>Question by tag (<a href="mailto:linux-questions-only@ssc.com?subject=%20Re%3A%20%5BLG%2082%5D%202c%20Tips%20%239%20%20ftp%20newline%20conversion">linux-questions-only@ssc.com</a>)<br>Answers By Mike "Iron" Orr, Heather Stern
<!-- sig -->
<!-- sig -->
<P><STRONG>
Hi, Matt here. I found your address online while researching a problem.
We have had occasional problems with files being corrupted when we FTP them
to our test server. The files being corrupted are web files(Cold Fusion).
I know some people use the ASCII transfer option and others are usig the
binary option. Could the ASCII be the problem? Thanks,
</STRONG></P>
<P><STRONG>
Matt
</STRONG></P>
<BLOCKQUOTE>
[Iron]
FTP in binary mode transmits the file exaactly as is. FTP in ASCII mode
changes the end-of-line characters to what the destination computer expects.
(Unix uses the linefeed character, Macintosh uses carriage-return, and
Windows uses both.) Use ASCII mode only for plain text files. Any other
type of file (.gz, .tar, image, word processor file, etc) must be transferred
in binary mode or it will be corrupted beyond usability.
</BLOCKQUOTE>
<BLOCKQUOTE>
HTML and XML are text-based formats, so ASCII mode should be fine. I don't
know whether Cold Fusion uses HTML format or its own format.
</BLOCKQUOTE>
<BLOCKQUOTE>
If you've corrupted a binary file by transferring it in ASCII mode and there
are no backup copies available, you <EM>may</EM> be able to recover the data by doing
your steps exactly in reverse. Go to the computer you ran the FTP program at,
start the exact same program, switch to ASCII mode, and do a PUT instead of a
GET (or vice versa). That should reverse whatever changes it did.
</BLOCKQUOTE>
<blockquote><font color="#000066">However, it's not guaranteed, since there might have been stray carriage
return or line feed characters which were not initially part of the
conversion. You can also use the command line of infozip to pack
and then unpack a file to the same effect - handy if you no longer have
the originating system around, either. Infozip is the free 'zip' and
'unzip' found in most Linux distros.
-- Heather</font></blockquote>
<!-- end 9 -->
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<P> <A NAME="tips/10"><HR WIDTH="75%" ALIGN="center"></A> <P>
<H3><IMG ALIGN=BOTTOM ALT="" SRC="../gx/lil2cent.gif">
<FONT COLOR="navy">hmorous rant</FONT></H3>
Tue, 13 Aug 2002 20:08:55 -0500 (COT)
<BR>John Karns (<a href="mailto:linux-questions-only@ssc.com?cc=jkarns@csd.net&subject=%20Re%3A%20%5BLG%2082%5D%202c%20Tips%20%2310%20%20filesystems%20etc">the <em>LG</em> Answer Gang</a>)
<br>Answers By John Karns. Heather Stern, Pradeep Pradala
<!-- sig -->
<P><STRONG>
I just stumbled across a bit humor in the form of a not so scathing, ms
rant, for those of us with too much time on our hands:
</STRONG></P>
<P><STRONG><BLOCKQuote>
<A HREF="http://www.antipope.org/charlie/linux/shopper/165.html"
>http://www.antipope.org/charlie/linux/shopper/165.html</A>
</BLOCKQuote></STRONG></P>
<P><STRONG>
Another one from the same author, but about Linux filesystems. I didn't
realize there were quite so many choices:
</STRONG></P>
<P><STRONG><BLOCKQuote>
<A HREF="http://www.antipope.org/charlie/linux/shopper/169.html"
>http://www.antipope.org/charlie/linux/shopper/169.html</A>
</BLOCKQuote></STRONG></P>
<BLOCKQUOTE>
[Heather]
The fellow whose site he's mentioning writes about Linux for the UK
Computer Shopper. Here's his index of Linux articles. Note that he
only puts them up after the paper edition goes out of print:
<A HREF="http://www.antipope.org/charlie/linux/index.html"
>http://www.antipope.org/charlie/linux/index.html</A>
</BLOCKQUOTE>
<BLOCKQUOTE>
Of course the articles which are old enough...
</BLOCKQUOTE>
<BLOCKQUOTE>
[Pradeep]
May be not exactly relevant.
</BLOCKQUOTE>
<BLOCKQUOTE>
The "Advanced filesystem implementor's guide" series at IBM developerworks
has great information on filesystems. Part1 is at:
</BLOCKQUOTE>
<BLOCKQUOTE><BLOCKQuote>
<A HREF="http://www-106.ibm.com/developerworks/linux/library/l-fs.html?dwzone=linux"
>http://www-106.ibm.com/developerworks/linux/library/l-fs.html?dwzone=linux</A>
</BLOCKQuote></BLOCKQUOTE>
<BLOCKQUOTE>
It's easy to find other parts from the sidebar.
</BLOCKQUOTE>
<!-- end 10 -->
<!-- . . . . . . . . . . . . . . . . . . . -->
<HR WIDTH="40%" ALIGN="center">
<H3><IMG ALIGN=BOTTOM ALT="" SRC="../gx/lil2cent.gif">
<FONT COLOR="navy">Win2k and squid</FONT></H3>
Mon, 5 Aug 2002 18:31:09 +0100 (BST)
<BR>Thomas Adam (<a href="mailto:linux-questions-only@ssc.com?cc=thomas_adam16@yahoo.com&subject=%20Re%3A%20%5BLG%2082%5D%202c%20Tips%20%2311%20win2k%20and%20squid">The <em>LG</em> Weekend Mechanic</a>)
<!-- sig -->
<!-- sig -->
<blockquote><font color="#000066">This is in reply to (LG 81) Help Wanted #2,
<A HREF="../issue81/lg_mail.html#wanted/2"
>http://www.linuxgazette.com/issue81/lg_mail.html#wanted/2</A>
</font></blockquote>
<blockquote><font color="#000066">Please note that you DO definitely want to have Access
Control Lists (ACLs) enabled on your squid cache. Otherwise
a world of web-kiddies will use your site to forcefeed their
"get a nickelback when people click our ad on your site"
habit, abusing <EM>your</EM> disk space and bandwidth, and making it
look like your proxy is doing the surfing. Don't encourage
them.
-- Heather</font></blockquote>
<P>
<IMG SRC="../gx/dennis/smily.gif" ALT=":-)"
height="24" width="20" align="middle"> Vikas, I've taken a look at the e-mail
that you sent in regarding
the problems that you were having when authenticating
windows 2000 users
via squid.
</P>
<P>
The errors that you are getting would seem to indicate
that your ACL's
have not been defined correctly (perhaps due to some
syntactical error),
or they do not exist. Now there could be a number of
reasons for this, and
it would be much more helpful to us if you could post
us a copy of your
"<TT>/etc/squid.conf</TT>" file, so that I can see exactly what
is going on.
</P>
<P>
How have you configured Samba and WinBind?? I will
hopefully be covering
Samba in my WM article in the near future -- have you
been able to
authenticate Windows2000 users on the Linux box for
anyother services
besides Squid??
</P>
<P>
Just as a point of interest (and something which was
not covered in my
article), I see from the very last line of your error
log, that you get:
</P>
<blockquote><pre>2002/07/15 10:46:23| Squid is already running!
Process ID 9957
</pre></blockquote>
<P>
Since you already have squid running, I would have
suggested that if you
had only changed the configuration file, that you
simply ran:
</P>
<blockquote><pre>squid -k reconfigure
</pre></blockquote>
<P>
furthermore, if you have to stop the Squid process at
anytime, you should
always do it via the "<TT>/etc/init.d/squid</TT> stop" command.
To reload the PID,
use: "<TT>/etc/init.d/squid</TT> restart" -- assuming that the
squid process is
already running. (sorry to digress from your main
problem).
</P>
<P>
I'm sorry if the level of detail is sketchy, but I
need more information
before I can begin to understand your problem in a
little more detail.
</P>
<P>
Kind Regards,
</P>
<P>
Thomas Adam
</P>
<!-- end 11 -->
<!-- *** BEGIN copyright *** -->
<hr>
<CENTER><SMALL><STRONG>
<h5>This page edited and maintained by the Editors of <I>Linux Gazette</I><br>HTML script maintained by <A HREF="mailto:star@starshine.org">Heather Stern</a> of Starshine Technical Services, <A HREF="http://www.starshine.org/">http://www.starshine.org/</A>
<br>Copyright &copy; 2002
<br>Copying license <A HREF="http://www.linuxgazette.com/copying.html">http://www.linuxgazette.com/copying.html</A>
<BR>Published in Issue 82 of <i>Linux Gazette</i>, September 2002</H5>
</STRONG></SMALL></CENTER>
<!-- *** END copyright *** -->
<HR>
<TABLE width="100%" BORDER><TR><TD WIDTH="200">
<A HREF="http://www.linuxgazette.com/">
<IMG ALT="LINUX GAZETTE" SRC="../gx/2002/lglogo_200x41.png"
WIDTH="200" HEIGHT="41" border="0"></A>
<BR CLEAR="all">
<SMALL>...<I>making Linux just a little more fun!</I></SMALL>
</TD><TD>
<center>
<img src="../gx/dennis/qbubble.gif" alt="(?)"
border="0" align="left">
<A NAME="answer"><BIG><BIG><STRONG><FONT COLOR="maroon"
>The Answer Gang</FONT></STRONG></BIG></BIG></a>
<img src="../gx/dennis/bbubble.gif" alt="(!)"
border="0" align="right"><BR>
<STRONG>By Jim Dennis, Ben Okopnik, Dan Wilder, Breen, Chris, and...
(<a href="tag/bios.html">meet the Gang</a>) ...
the Editors of <i>Linux Gazette</i>...
and You!
</STRONG></BIG> </TD></TR>
</TABLE>
<P>
<!-- END header -->
<center><p>
<br>We have guidelines for <a href="http://www.linuxgazette.com/tag/ask-the-gang.html">asking</a> and <a href="http://www.linuxgazette.com/tag/members-faq.html">answering</a> questions. Linux questions only, please.
</STRONG>
<br><em><font color="#7F0000">We make <b>no guarantees</b> about answers, but you can be <b>anonymous</b> on request.</font></em>
<br>See also: The Answer Gang's
<a href="http://www.linuxgazette.com/tag/tag/kb.html">Knowledge Base</a>
and the <i>LG</i>
<a href="http://www.linuxgazette.com/search.html">Search Engine</a>
</center>
<br></p></center>
<HR>
<!-- BEGIN message -->
<H3>Contents:</H3>
<dl>
<dt><a href="#tag/greeting"
><strong>&para;: Greetings From Heather Stern</strong></A></dl>
<DL>
<!-- index_text begins -->
<dt><A HREF="#tag/1"
><img src="../gx/dennis/bbub.gif" height="28" width="50"
alt="(!)" border="0"
><strong>exe to iso files</strong></a>
<dt><A HREF="#tag/2"
><img src="../gx/dennis/bbub.gif" height="28" width="50"
alt="(!)" border="0"
><strong>df -k is confused</strong></a>
<!-- index_text ends -->
</DL>
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<A NAME="tag/greeting"><HR WIDTH="75%" ALIGN="center"></A>
<H3 align="left"><img src="../gx/dennis/hbubble.gif"
height="50" width="60" alt="(&para;) " border="0"
>Greetings from Heather Stern</H3>
<!-- begin hgreeting -->
<blockQuote>
Hello folks, and welcome once more to the world of The Answer Gang.
</blockQuote>
<blockQuote>
It's been a crazy month for me. Linux World Expo was a lot of fun.
At first glance, the silliness had gone out of it... mo more
colorful oddities delimiting the .Org Pavilion, people were wandering
around muttering that there aren't as many toys as there used to be, and
there was nobody in hot giant-character costumes.
</blockQuote>
<blockQuote>
On the flip side our friendly local .org folks, at least the ones who
were present and manning their booths... a decent number... seemed to
be being treated with
the same respect that the businesses with small, ordinary kiosks were.
Maybe at later shows we'll see some of the .Org groups with meta-booths
for their variety the way the big comapnies do, funded by a corporate
entity here and there that uses what they have under its hood, and is
willing somehow to give up the glory of their own name at the center
of the booth. Now that'd be cool.
</blockQuote>
<blockQuote>
And there <EM>were</EM> toys - in great abundance - for those who paid the
respect to actually express a real curiosity about the products on
display. Oh sure, there were a few grumpy sorts. I didn't get given
an official <A HREF="http://www.redhat.com/">Red Hat</A> Baseball Cap because some girl at the booth gave me
the brush-off: "At the end of our presentation". I glanced at the shiny
paperwork, and decided I could visit 3 other booths in the time it would
take their presentation to finish. I only had two half days at the show
and didn't feel inclined to waste them for a hat, an oversized t-shirt,
and a slideshow I can probably see online (if they're smart).
Most of the toys were much better than that too. Glowing pens were
everywhere, but to get a green one you had to go to <A HREF="http://www.amd.com"
>AMD</A>.
Jim asked them quite a bit about the Opterons' dual
processing improvements.
</blockQuote>
<blockQuote>
Best toys goes to <A HREF="http://www.sun.com/linux"
>Sun</A> for
having different toys at each mini-booth within their area. Of course they
were also announcing that their new LX50 is coming with Linux preloaded -
a Red Hat based distro with a perfectly tuned kernel and extra goodies
related to behaving well in a Sun-oriented environment. Kudos for that
too
<IMG SRC="../gx/dennis/smily.gif" ALT=":)"
height="24" width="20" align="middle">
</blockQuote>
<blockQuote>
One of <A HREF="http://www.ibm.com/linux"
>IBM</A>'s mini-booths was announcing an educational service - for free -
which roughly sounds like a great competitor to The Answer Gang. Unfortunately, IBM's website made no particular splash of it, and my mild thrashing around didn't find it. I applaud their ideas but usability and getting the word out is going to need better work than that. Perhaps we can cajole them into sending a note to News Bytes about it.
</blockQuote>
<blockQuote>
Linux seems to be under the hood of an awful lot of big storage devices lately.
</blockQuote>
<blockQuote>
I asked a few businessmen about what they thought of the show. They see the
enthusiasm is up, the companies really trying to make the mark in the marketplace. And As I think back on it - they're right - I saw very few booths where
people didn't seem to know which way is up, what Linux is, or anything like that. A particular booth had a really cool looking shaker table, but had nothing
to do with embedded or even industrial computing. Nada, Zip, null pointer overflow. Duh. But the dot-com winter is almost over; companies with the
wherewithal to not push too far into the glitz and glory, like
<A HREF="http://www.penguincomputing.com"
>Penguin Computing</A>, are surving the
boom-bust cycle and doing okay. "Mr. Gates, I'll be your server today"
was just as popular as the first time it appeared, though of course,
it wasn't the only poster there.
</blockQuote>
<blockQuote>
The fellow stuck in the Microsoft booth explained sheepishly that they begged
and pleaded not to be put in the hatchery area. He and I are both guessing,
but apparently some folks in charge of space allocation couldn't be convinced
that embedded dev tools <tt>!=</tt> linux dev tools ... it being a linux tradeshow and all. However, they do have a new attitude with WinCE - free for non-commercial
use, including code so you can debug it. And commercial entities can debug with it too; you don't need royalty games until you start making derivitive works and trying to sell it ... although what else an embedded developer would do with it, I'm not clear. But that puts them no worse off than the original <A HREF="http://www.trolltech.com"
>Troll Tech</A> license, which satisfied some and annoyed others. And he says they want to understand how our dev community works a bit better. I'm reminded of a quote from Baylon 5
<IMG SRC="../gx/dennis/smily.gif" ALT=":)"
height="24" width="20" align="middle"> "But humans are different. You build communities."
</blockQuote>
<blockQuote>
So who gets the prize for <i>Making Linux A Little More Fun</i>? Hmm, it's a toss up. <A HREF="http://www.affero.com"
>http://www.affero.com</A> Affero threw a great party for the <A HREF="http://www.fsf.org"
>http://www.fsf.org</A> FSF and <A HREF="http://www.eff.org"
>http://www.eff.org</A> EFF folks; music, lots of pinball games, actually edible spread ... invited speakers included a comedian, and a legal eagle involved with the RIAA cases who is pleased to see so many "geektivists" but wants it made clear that just grousing isn't enough. Grouse enough instead of act, and it will be too little, too late, because we can't route around bad laws <EM>after</EM> the're established nearly as well as we can prevent them, any more than software can do more than an occasional workaround past true hardware issues.
We have to keep the heat on so that large corporate pocketbooks can't make it criminal to do these things which we already do, day to day. While that message itself isn't entirely fun, any successes in that category will help keep things fun.
</blockQuote>
<blockQuote>
The other competitor is CrossOver Office from the <A HREF="http://www.codeweavers.com"
>http://www.codeweavers.com</A> Codeweavers people. I've been saying for years now that somebody needs to package Wine so that normal folk can use it. When they do, I'm glad to buy it. As it is, now it's real, it's cheaper than an "upgrade" pack of the Beast from Redmond, and I've got a side bet that it's more stable, too. Maybe I can finally play my Starfleet games without resorting to a Borg invasion, or having to realign my phase injectors, uh, mountpoints first.
</blockQuote>
<blockQuote>
And speaking of <a href="http://www.sfi.org/">Starfleet</a> - I'm involved in a handful of local Linux User Groups, but most actively with the <A HREF="http://trek.starshine.org"
>U.S.S. Augusta Ada</a>. We're running the Internet Lounge for Worldcon this week. In fact, this blurb is taking a little while out of my busy life over there to get our 'zine published.
But, regardless of the hassles of setup and keeping older systems happy under serious desktop-station use, we're getting thanks in abundance for our wireless and tireless efforts to keep people able to hit the email, chat online, and surf the web. It's a great feeling. Folks of all plaforms (their laptops, our stuff, the Macs next door in Pubs) are all sharing the 'net happily together. Now <EM>that</EM> ... is IDIC.
</blockQuote>
<blockQuote>
See you all next month!
</blockQuote>
<!-- end hgreeting -->
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<A NAME="tag/1"><HR WIDTH="75%" ALIGN="center"></A>
<!-- begin 1 -->
<H3 align="left"><img src="../gx/dennis/bbubble.gif"
height="50" width="60" alt="(!) " border="0"
>exe to iso files</H3>
<p><strong>From Drakonian76
</strong></p>
<p align="right"><strong>Answered By Mike Orr, Don Marti, Heather Stern, Jay R. Ashworth
<p></strong></p>
<!-- sig -->
<!-- sig -->
<P><STRONG>
<IMG SRC="../gx/dennis/qbub.gif" ALT="(?)"
HEIGHT="28" WIDTH="50" BORDER="0"
>
sry to bother you but i stumbled upon your site while looking for this
answer
</STRONG></P>
<P><STRONG>
how can i change an exe file to an iso file? It is not
for me my friend put the job on to me to find this answer and after hours of
searching i decided to ask you. If you have any helpful information on this i
would greatly appreciate it.
</STRONG></P>
<P><STRONG>
again thank you for your time
</STRONG></P>
<blockQuote>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Mike]
I hope you're on a Linux system since you asked your question to a Linux
forum. Our new submission address is <A HREF="mailto:linux-questions-only@ssc.com"
>linux-questions-only@ssc.com</A> to
emphasize this fact; "answerguy" at ssc.com is obsolete and is read only
occasionally.
</blockQuote>
<blockQuote>
I assume your friend wants to burn his program onto a CD-ROM, since "ISO"
is often used as an abbreviation for ISO-9660, the filesystem type used on
CD-ROMs. (ISO (www.iso.ch) actually stands for International Standards
Organization -- or "International Organization for Standardization" as they
call themselves -- an organization that publishes specifications not only for
CD-ROMs but also for film speeds and lots of other stuff.)
</blockQuote>
<blockQuote>
.exe is a file format, specifically the DOS/Windows executable format.
</blockQuote>
<blockQuote>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Don]
Some .exe files are "self-extracting archives" which are basically
a small MS-DOS PKZIP extractor and a PKZIP (".zip") file packaged
together as one file. Under MS-DOS or compatible environments, you
can run the .exe file to extract the contents of the zip file.
</blockQuote>
<blockQuote>
Under Linux, the "unzip" utility can extract the contents of
the .exe file's PKZIP archive while ignoring the MS-DOS program.
See man unzip.
</blockQuote>
<blockQuote>
If you don't have an unzip program on your Linux
system, install your distribution's zip package or see:
<A HREF="http://www.info-zip.org/pub/infozip"
>http://www.info-zip.org/pub/infozip</A>
</blockQuote>
<blockQuote>
If your .exe is in fact a self-extracting archive, it would be
convenient to extract the contents before turning them into an .iso
file for burning to CDROM.
</blockQuote>
<blockQuote>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Mike]
(Linux uses an executable format called ELF, but does not use a filename
extension to distinguish those files.) ISO is not a file format in that sense,
it's a filesystem type. A filesystem is what's on your hard drive partition,
what allows it to contain files and directories. ext2 is Linux's standard
filesystem type, FAT-32 and NTFS are the current Windows filesystem types.
ISO-9660, sometimes abbreviated to "ISO", is the filesystem type used on
CD-ROMs.
</blockQuote>
<blockQuote>
However, it is possible to put an entire ISO-9660 filesystem (or any filesystem)
into a regular file. If you mount that file (using mount's "loop" option; see
"man mount" and "man losetup"), you will see all the files and directories on
it, just like if you'd mounted a CD-ROM. This ISO filesystem-in-a-file is
sometimes called an "iso" file and may have the extension .iso . Certain Linux
distributions use this convention to make ready-to-burn CD images available via
FTP.
</blockQuote>
<blockQuote>
In fact, this creating an ISO-9660 filesystem is a necessary step before a
data CD can be burned. Sometimes the program stores it temporarily in a
regular file, and sometimes it uses other tricks to avoid creating the temporary
file (which is up to 700 MB).
</blockQuote>
<blockQuote>
To write a CD under Linux, see the CD-Writing HOWTO at <A HREF="http://www.tldp.org"
>http://www.tldp.org</A> .
You can also use one of the GUI front ends such as <A HREF="http://www.kde.org/">KDE</A>'s KOnCD).
</blockQuote>
<blockQuote>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Heather]
And if you're trying to write a Linux or otherwise generated ISO under
Windows, you can see "Best of ISO Burning Under Windows" - Issue 68,
11th TAG article:
<A HREF="../issue68/tag/11.html"
>http://www.linuxgazette.com/issue68/tag/11.html</A>
</blockQuote>
<blockQuote>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [jra]
Interestingly enough, I discovered, apparently El Torito bootability is
a feature of the image -- I burned those Linux BBC's from a bare ISO,
no command switches to tell the Windows burner to make it bootable, and
it Just Worked.
</blockQuote>
<blockQuote>
I hadn't realized that it was (in Linux terms) mkisofs, not cdrecord,
that did that work.
</blockQuote>
<!-- end 1 -->
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<A NAME="tag/2"><HR WIDTH="75%" ALIGN="center"></A>
<!-- begin 2 -->
<H3 align="left"><img src="../gx/dennis/bbubble.gif"
height="50" width="60" alt="(!) " border="0"
>df -k is confused</H3>
<p><strong>From Edgardo Achiardi
</strong></p>
<p align="right"><strong>Answered By Jim Dennis, John Karns, Heather Stern, Jay R. Ashworth, Mike "Iron" Orr, Matthias Posseldt
<p></strong></p>
<!-- sig -->
<!-- sig -->
<P><STRONG>
Hi
</STRONG></P>
<P><STRONG>
I have a problem
</STRONG></P>
<P><STRONG>
I try to boot my disks with Linux, the secondary disk is a copy of primary
disk. I can boot with the secondary, but when I execute 'df -k' show me the
output of primary disk and not the secondary disk.
</STRONG></P>
<P><STRONG>
I need boot with primary and secondary disk, like a backup or in special
case, because if the primary disk is in fault mode I can boot with the
secondary boot, in this way my system to follows brinding service.
</STRONG></P>
<P><STRONG>
Thanks for all
</STRONG></P>
<blockQuote>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [JimD]
I suspect that you have a stale <TT>/etc/mtab</TT> file laying around when you issue
this df command. The df command reads <TT>/etc/mtab</TT> to find out about mount
points, and it easily gets confused by this.
</blockQuote>
<blockQuote>
Make sure that your <TT>/etc/mtab</TT> file is properly truncated during boot, and
that it gets properly populated with your mount information by your rc
scripts. (Obviously the startup (rc) scripts on all general purpose
distributions already do this for you --- so this case only comes up when
you've messed with them, rolled your own, or when you've replicated the
system and/or booted it up in some odd way.
</blockQuote>
<P><STRONG>
<IMG SRC="../gx/dennis/qbub.gif" ALT="(?)"
HEIGHT="28" WIDTH="50" BORDER="0"
>
when backup is finished (from primary disk to secondary disk), i corrected
the configuration files and lilo.conf. but when i boot my secondary disk
startup, this process move the configuration files such as mtab. what can i
do for keep this files.
</STRONG></P>
<P><STRONG>
i compile lilo and was succesfully, what happens?
</STRONG></P>
<P><STRONG>
thanks
</STRONG></P>
<blockQuote>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Heather]
It's not lilo's fault in the slightest.
</blockQuote>
<blockquote><em><font color="#000066">At this point our Answer Gang gleefully leapt upon the question. The actual
answer deals with two files: /etc/fstab, and /etc/mtab.
-- Heather</font></em></blockquote>
<HR width="10%" align="left">
<h4 align="center"><br>/etc/fstab
</h4>
<blockQuote>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [John]
After copying your system to a 2nd disk, you also need to edit <TT>/etc/fstab</TT> to
change the device references from the device that you copied from to point
to the disk that you want to boot from.
</blockQuote>
<blockquote><em><font color="#000066">Snipping a bit of the discussion that led us into a maze of twisty passages,
some incorrect ... the result is nonethless important...
-- Heather</font></em></blockquote>
<blockQuote>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Iron]
Let's stop talking about <TT>/etc/fstab.</TT> We all agree it's a bad idea to create
<TT>/etc/fstab</TT> dynamically from <TT>/proc/mounts.</TT> It may be acceptable for the
sysadmin to do it <EM>once</EM> <EM>manually</EM> before customizing it, but fstab also
contains:
</blockQuote>
<blockQuote><ol>
<LI>the "options" column (see below)
<LI>"noauto" entries (floppies, CD-ROMs, backup repositories), which may not be
currently mounted
<LI>swap partitions, which never show up in /proc/mounts
<LI>comments, especially the one saying which column is what
</ol></blockQuote>
<HR width="10%" align="left">
<h4 align="center"><br>/etc/mtab
</h4>
<blockQuote>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [John]
Also delete <TT>/etc/mtab</TT>, as that will get created when you boot from the new device.
</blockQuote>
<blockQuote>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Matthias]
There are also ways to clear out <TT>/etc/mtab</TT> while booting, but it is
somewhat more difficult.
</blockQuote>
<blockQuote>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Heather]
Here's the trick I use, since I
multi boot and transport whole linuxen around in tarballs a lot.
</blockQuote>
<blockQuote>
Make <TT>/etc/mtab</TT> a symlink to <TT>/proc/mounts.</TT>
</blockQuote>
<blockQuote>
<blockQuote>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [JimD]
-- dynamically showing the real mount status of all local filesystems.
</blockQuote>
<blockQuote>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [jra]
<EM>Showing</EM> them, fine. But if the designers of the system had wanted
you to <EM>depend</EM> on them, it's a reasonably good bet they'd have done
this in the distro's already. Should we ask Linus? Or Erik Troan,
maybe?
</blockQuote>
<blockQuote>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Iron]
The original Unixes didn't have anything equivalent to <TT>/proc</TT>, so they had to
use <TT>/etc/mtab.</TT> The concept of the kernel exposing its internal state through
the filesystem is a relatively recent invention.
</blockQuote>
</blockQuote>
<P><STRONG>
<IMG SRC="../gx/dennis/qbub.gif" ALT="(?)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Iron]
Why does "mount" even use mtab if <TT>/proc/mounts</TT> is more accurate? Whenever I
boot into single user mode, the "mount" listing shows the previous boot, not
the current one, because the root filesystem is read-only so it can't update
mtab. But if I remember about <TT>/proc/mounts</TT>, all is well.
</STRONG></P>
<blockQuote>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [JimD]
There has been some debate on this over the years. On the one hand
<TT>/proc</TT> is the canonical way for the Linux kernel to export state (expecially
"PROCess" status) to user space. On the other hand the legacy of the
libraries and other forms of UNIX dictate the <TT>/etc/mtab</TT> file, maintained
by the mount command and read by df, du, and others (including the mount
command when it's used to display the currently mounted filesystems).
</blockQuote>
<blockQuote>
Raising some other limb we could note that there are some cases where
<TT>/proc</TT> is undesirable (particularly in embedded systems). Arguably these
systems already need a different version of the procps suite (which
provides the ps and top commands). If mount relied upon <TT>/proc/mounts</TT>
then these embedded systems would need special versions of that.
</blockQuote>
<blockQuote>
Of course we could increase the cruft support factor. We could have
the appropriate library calls check for <TT>/proc/mounts</TT> and use it
preferentially. They'd then back off to using <TT>/etc/mtab</TT> if <TT>/proc/mounts</TT>
where inaccessible. I can hear Linus retching into a brown paper bag
somewhere --- undoubtedly intent on sticking that over my head to shut
me up on this.
</blockQuote>
<blockQuote>
If we choose <TT>/proc/mounts</TT> uniformly then we have a few problems. First
we have to write some parts of the format in stone --- to properly
decouple future kernel implementation changes from userspace and library
work. (I don't relish the prospect of the sorts of procfs changes that
occured circa 1.3.x which caused older versions of ps to core dump under
new kernels).
</blockQuote>
<blockQuote>
Personally I don't see a problem with that. However, we have to keep in
mind that Linux' filesystem support is likely to change radically over
the next couple of stable kernel versions. We know that Al Viro is
working on implementing "stackable" (or union, or translucent, or
overlay) filesystems and we see a bit more work on LVM and snapshot support
on the horizon. It's not clear how much effect this will have on the
format of <TT>/proc/mounts</TT> --- how much data we'll need to add to it to
support sane userspace semantics.
</blockQuote>
<blockQuote>
So, for now, just consider it to be one of those legacy bugaboos of
Linux. As Heather has said, replacing <TT>/etc/mtab</TT> with a symlink to
<TT>/proc/mounts</TT> seems to mostly work "well enough." Unfortunately I can't
think of examples of how it doesn't work, of things to look out for.
</blockQuote>
<blockQuote>
<blockQuote>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Heather]
While there may be some small distro-specific information by the mtab
updaters which is lost, the beauty of knowing that when proc is mounted
during normal bootup, <TT>/etc/mtab</TT> is going to <EM>just work</EM> is worthwhile.
</blockQuote>
<P><STRONG>
<IMG SRC="../gx/dennis/qbub.gif" ALT="(?)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Iron]
Like what?
</STRONG></P>
<blockQuote>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Heather]
I don't know. It just invariably happens in a large enough crowd when
I suggest this symlink trick, someone objects in this way. For all I
know BSDs have some trouble of this sort and it isn't even Linux-y. But
some Linux variants try to do things in a more BSDish way, and if both
of those were so, I'd expect there might be something.
</blockQuote>
<blockQuote>
My first concept is it might list the devices by their e2labels if they
have them, which proc never looks at.
</blockQuote>
</blockQuote>
<blockQuote>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Iron]
I also remember hearing that mtab was the main reason (actually, the only
reason) why leaving the root filesystem read-only all the time was a bad idea.
(Assuming <TT>/tmp</TT> and <TT>/var</TT> are somewhere else, of course.)
</blockQuote>
<blockQuote>
"mount" could, for instance, read <TT>/proc/mounts</TT> if available and fall back to
<TT>/etc/mtab</TT> if not. Likewise, it could write mtab out if it's a regular file
but not if it's a symlink.
</blockQuote>
<blockQuote>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [JimD]
The question at hand regards the implication of the latter choice.
What's wrong with making <TT>/etc/mtab</TT> a symlink to <TT>/proc/mounts?</TT> I don't
know. Why do the maintainers of the main kernel and fsutils continue
to do it using a static <TT>/etc/mtab</TT> file? (Legacy?) Are there programming
disadvantages to setting the symlink? (Note: my first question was about
the implications to the sysadmin, this last is about the implications
for the maintainers of the fsutils and other programmers).
</blockQuote>
<blockQuote>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Iron]
I did find one thing in <TT>/etc/mtab</TT> in <A HREF="http://www.debian.org/">Debian</A> that <TT>/proc/mounts</TT> doesn't have:
the "options" column from <TT>/etc/fstab.</TT> Viz:
</blockQuote>
<blockQuote><BLOCKQuote>
% cat <TT>/proc/mounts</TT>
</BLOCKQuote></blockQuote>
<p align="center">See attached <tt><a href="misc/tag/mike-orr.proc-mounts.txt">mike-orr.proc-mounts.txt</a></tt></p>
<blockQuote>
% cat <TT>/etc/mtab</TT>
</blockQuote>
<p align="center">See attached <tt><a href="misc/tag/mike-orr.etc-mtab.txt">mike-orr.etc-mtab.txt</a></tt></p>
<blockQuote>
% cat <TT>/etc/fstab</TT>
</blockQuote>
<p align="center">See attached <tt><a href="misc/tag/mike-orr.etc-fstab.txt">mike-orr.etc-fstab.txt</a></tt></p>
<blockQuote>
Also, since I have devfs in my kernel but it's not mounted, <TT>/proc/mounts</TT> has
a funky line for the root partition.
</blockQuote>
<blockQuote>
None of these differences are significant to me, but any program that parses
<TT>/etc/mtab</TT> would be affected. If there are any programs that parse <TT>/etc/mtab</TT>,
besides the GUI mount dialogs.
</blockQuote>
<blockQuote>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Heather]
On the flip side if you more commonly use the space to chroot into,
then you need to remember to mount the proc filesystem if things care
about it. Many of the finer deamons do, anyway.
</blockQuote>
<blockQuote>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Matthias]
If you try to setup a group of users who can mount and unmount file systems
you are stuck with the dynamic <TT>/proc/mounts</TT> method:
</blockQuote>
<blockquote><pre>/dev/hda5 /mnt/windows-data vfat user,uid=500,gid=500,umask=007 0 0
</pre></blockquote>
<blockQuote>
If mounted by a user who is in group 500 (windows) all members of the group
and root himself can use the file system. But if it comes to unmounting
there are problems if you use the <TT>/proc/mounts-linked-to-/etc/mtab</TT>
approach and therefore are missing the options field: Now only root can
unmount the file system while with a static <TT>/etc/mtab</TT> every member of
group 500 can unmount the partition.
</blockQuote>
<blockQuote>
So you have either option: Use the link approach to not care about correct
<TT>/etc/mtab</TT> in the case your system fails and miss some advanced (u)mount
functionality or use the static approach and be able to use it.
</blockQuote>
<blockQuote>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Iron]
But it works for me, at least for a user unmounting a partition that has the
"user" option in <TT>/etc/fstab</TT>, even though that column is missing in the
symlinked mtab. The kernel should know which options it's mounted with, whether
that shows up in <TT>/proc/mounts</TT> or not. And one would expect 'umount' to work
parallel to 'mount', which uses fstab information to supply default options.
</blockQuote>
<blockQuote>
Perhaps your system is different, or the vfat filesystem is underfeatured.
</blockQuote>
<!-- end 2 -->
<P> <hr> </p>
<!-- *** BEGIN copyright *** -->
<hr>
<CENTER><SMALL><STRONG>
<h5>
<br>Copyright &copy; 2002
<br>Copying license <A HREF="">http://www.linuxgazette.com/copying.html</A>
<BR>Published in Issue 82 of <i>Linux Gazette</i>, September 2002</H5>
</STRONG></SMALL></CENTER>
<!-- *** END copyright *** -->
<HR>
<TABLE BORDER><TR><TD WIDTH="200">
<A HREF="http://www.linuxgazette.com/">
<IMG ALT="LINUX GAZETTE" SRC="../gx/2002/lglogo_200x41.png"
WIDTH="200" HEIGHT="41" border="0"></A>
<BR CLEAR="all">
<SMALL>...<I>making Linux just a little more fun!</I></SMALL>
</TD><TD WIDTH="380">
<center>
<BIG><BIG><STRONG><FONT COLOR="maroon">News Bytes</FONT></STRONG></BIG></BIG><BR>
<STRONG>By <A HREF="mailto:michael.conry@softhome.net">Michael Conry</A></STRONG></BIG>
</TD></TR>
</TABLE>
<P>
<!-- END header -->
<center>
<table cellpadding=7><tr><td>
<IMG SRC="../gx/bytes.gif" border=1 ALT="News Bytes">
</td><td>
<H3>Contents:</H3>
<ul>
<li><a HREF="#leg">Legislation and More Legislation</a>
<li><a HREF="#links">Linux Links</a>
<li><a HREF="#conferences">Conferences and Events</a>
<li><a HREF="#general">News in General</a>
<li><a HREF="#distro">Distro News</A>
<li><a HREF="#commercial">Software and Product News</a>
</ul>
</td></tr></table>
<STRONG>Selected and formatted by <A HREF="mailto:michael.conry@softhome.net">Michael Conry</A></STRONG>
</center>
<P> Submitters, send your News Bytes items in
<FONT SIZE="+2"><STRONG>PLAIN TEXT</STRONG></FONT>
format. Other formats may be rejected without reading. You have been
warned! A one- or two-paragraph summary plus URL gets you a better
announcement than an entire press release. Submit items to
<A HREF="mailto:gazette@ssc.com">gazette@ssc.com</A>
<P> <hr> <P>
<!-- =================================================================== -->
<H3><IMG ALT=" " SRC="../gx/bolt.gif">
<font color="green">
September 2002 <I>Linux Journal</I>
</font>
</H3>
<IMG ALT="[issue 100 cover image]" SRC="misc/bytes/lj-cover101.png" WIDTH=200 HEIGHT=268
ALIGN="left" HSPACE="20">
The September issue of <A HREF="http://www.linuxjournal.com/"><I>Linux
Journal</I></A> is on newsstands now.
This issue focuses on the Ultimate Linux Box. Click
<A HREF="http://www.linuxjournal.com/modules.php?op=modload&name=NS-lj-issues/issue100&file=index">here</A>
to view the table of contents, or
<A HREF="http://www.linuxjournal.com/subscribe/">here</A>
to subscribe.
<P>
<FONT COLOR="green">All articles older than three months are available for
public reading at
<A HREF="http://www.linuxjournal.com/magazine.php">http://www.linuxjournal.com/magazine.php</A></FONT>.
Recent articles are available on-line for subscribers only at
<A HREF="http://interactive.linuxjournal.com">http://interactive.linuxjournal.com/</A>.
<BR CLEAR="all">
<!-- =================================================================== -->
<a name="leg"></a>
<p><hr><p>
<!-- =================================================================== -->
<center><H3><font color="green">Legislation and More Legislation</font></H3></center>
<P> <hr> <P>
<!-- =================================================================== -->
<H3><IMG ALT=" " SRC="../gx/bolt.gif">
<FONT COLOR="green">Linux Kernel and Patents
</FONT>
</H3>
<P>
<a href="http://www.lwn.net/">
Linux Weekly News</a>
has drawn attention to the growing awareness among Linux kernel developers
that they
<a href="http://lwn.net/Articles/7632/">
may be routinely violating patents</a>.
The LWN report has links to the mails on the kernel mailing list (including
contributions from Alan Cox and Linus Torvalds), along with reader
comments. Further reader comments can be found with the
<a href="http://slashdot.org/article.pl?sid=02/08/23/1719241&mode=nested&tid=106">Slashdot
coverage of the story</a>.
<P> <hr> <P>
<!-- =================================================================== -->
<H3><IMG ALT=" " SRC="../gx/bolt.gif">
<FONT COLOR="green">BT's Hyperlink Case Dismissed
</font>
</H3>
<P>
In more encouraging patent news,
<a href="http://www.bt.com/index.jsp">BT</a>
(British Telecom) has
<a href="http://www.theregister.co.uk/content/6/26802.html">
lost its patent lawsuit</a> against
Prodigy
over a
<a href="http://164.195.100.11/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PALL&p=1&u=/netahtml/srchnum.htm&r=1&f=G&l=50&s1='4873662'.WKU.&OS=PN/4873662&RS=PN/4873662">patent</a>
BT claimed covered the hyperlink.
You can read
<a href="http://slashdot.org/comments.pl?sid=38518&cid=0&pid=0&startat=&threshold=5&mode=thread&commentsort=0&op=Change">
reaction to the story</a> at Slashdot.
<P> <hr> <P>
<!-- =================================================================== -->
<H3><IMG ALT=" " SRC="../gx/bolt.gif">
<FONT COLOR="green">DMCA
</FONT>
</H3>
<P>
<P>
Here are some links and news related to the DMCA which you might find of
interest.
<P>
<a href="http://news.com.com/2100-1023-947729.html">
News.com has reported</a> that
some of the supporters who helped the DMCA pass are having second thoughts.
This has emerged through a RIAA vs Silicon Valley debate sponsored by the
Cato Institute.
Wired
<a href="http://www.wired.com/news/digiwood/0,1412,54270,00.html">
also reported</a>
on the same debate, focusing on how the computing revolution of 1950-2000
wouldn't have happened under today's copyright regime (DMCA). This recalls
George Monbiot's
<a href="http://www.guardian.co.uk/globalisation/story/0,7369,665969,00.html">
article</a> describing historically how the <em>absence</em> of patents has
produced strong economic growth.
<P>
<hr noshade width="20%">
<P>
Declan McCullagh of News.com has
written that
<a href="http://news.com.com/2010-12-950229.html?tag=fd_lede">
the DMCA is not so bad</a>
and the EFF is overreacting.
<blockquote>
"The DMCA is both an egregious law and a brazen power grab by Hollywood,
the music industry and software companies. It is probably
unconstitutional. It creates unnecessary federal crimes, cedes too much
authority to copyright holders, and should be unceremoniously tossed
out by the courts... [However,] a careful look at the DMCA shows that, far from
prohibiting all security research, the law does not regulate as many
activities as people seem to believe. And if activists hope to assail a
law like the DMCA, they'll be taken more seriously if they know what
they're talking about."
</blockquote>
Slashdot readers
<a href="http://slashdot.org/articles/02/08/19/1623242.shtml?tid">
generally reacted with scepticism</a>, though there were some dissenting
voices.
LWN's
<a href="http://lwn.net/Articles/6998/">
coverage of these issues</a> is interesting reading too.
Also worth a look are
<a href="http://www.mccullagh.org/theme/dmca-celebration-may02.html">
Declan's photos</a>
of the DMCA's corporate sponsors
hobnobbing with Congressmen during the DMCA's success party -- looks like
it was a good night!
<P>
<hr noshade width="20%">
<P>
More Declan!
<a href="http://yro.slashdot.org/article.pl?sid=02/08/27/2144227&mode=nested&tid=95">
Slashdot highlighted</a> an
<a href="http://news.com.com/2008-1082-955417.html?tag=fd_nc_1">
interview by Declan McCullagh</a>
with
Sarah Deutsch, a vice president and associate general counsel at
<a href="http://www.verizon.com/">
Verizon</a>. She is argues against the DMCA and explains how her company
plans to stand against such developments.
<P>
<hr noshade width="20%">
<P>
<a href="http://www.theregister.co.uk/content/55/26468.html">
The Register reported</a> recently that
HP made moves to use the DMCA to quash a Tru64 bug report.
Later on, they appeared to see the public relations nightmare the tactic
could turn into
<a href="http://www.theregister.co.uk/content/55/26508.html">
and abandoned the DMCA-fuelled madness</a>. Maybe Alan Cox wasn't so far
off the mark before when he began censoring his changelogs.
<P>
<hr noshade width="20%">
<P>
Slashdot
<a href="http://yro.slashdot.org/article.pl?sid=02/08/02/1236206&mode=nested&tid=99">
highlighted</a>
an
<a href="http://chronicle.com/free/2002/08/2002080201t.htm">
interview with Ben Edelman</a> in
<em>The Chronicle of Higher Education</em>.
Ben Edelman is a Harvard law student and internet researcher who is
<a href="http://yro.slashdot.org/article.pl?sid=02/07/25/152247&tid=123">
bringing suit against the DMCA with the ACLU</a>.
He wishes to be free to publish research on the lists of sites blocked by
internet filtering software.
<P> <hr> <P>
<!-- =================================================================== -->
<H3><IMG ALT=" " SRC="../gx/bolt.gif">
<FONT COLOR="green">EUCD
</FONT>
</H3>
<P>
The Register
<a href="http://www.theregister.co.uk/content/6/26717.html">
recently reported</a>
on the proposed United Kingdom implementation of the European
Union Copyright Directive (sometimes called "Europe's DMCA").
Comments are
<a href="http://www.patent.gov.uk/about/consultations/eccopyright/index.htm">
currently being taken</a>
by the UK Patent Office, and these could influence the final shape of the
law. It could
<a href="http://www.theregister.co.uk/content/4/26788.html">
turn out badly</a>, but if the UK government is encouraged to take
advantage of all available opt-outs, it would be a help.
Obviously this is primarily of interest to UK readers, but it has
relevance to all EU readers.
<P> <hr> <P>
<!-- =================================================================== -->
<H3><IMG ALT=" " SRC="../gx/bolt.gif">
<FONT COLOR="green">DeCSS
</FONT>
</H3>
<P>
The trial of Jon Johansen, creator of the controversial DeCSS software
<a href="http://www.theregister.co.uk/content/4/26658.html">
has been postoponed</a> [The Register] until December. The delay is to
facilitate the appointment of a suitably technically informed judge.
The Electronic Frontier Foundation
<a href="http://www.eff.org/IP/DeCSS_prosecutions/Johansen_DeCSS_case/">
has further information</a>
on the case.
<P> <hr> <P>
<!-- =================================================================== -->
<H3><IMG ALT=" " SRC="../gx/bolt.gif">
<FONT COLOR="green">Thought-Provoking Reading
</FONT>
</H3>
<P>
Cory Doctorow has written
<a href="http://www.tidbits.com/database-cache/tbart06901.html">
an in-depth analysis</a>
of how Hollywood's plans could interfere with the electronics industry, and
the computer industry in particular. This was also
<a href="http://slashdot.org/comments.pl?sid=37909&cid=0&pid=0&startat=&threshold=4&mode=flat&commentsort=0&op=Change">
discussed on slashdot</a>
<P>
Another
<a href="http://www.janisian.com/article-internet_debacle">
interesting article</a>, on the subject of online music/media distribution
, is <em>The Internet Debacle - An Alternative View</em> by Janis Ian.
It highlights things that are wrong with the
current situation, along with possible ways to change it.
The fallout and follow up to the article has also
<a href="http://www.janisian.com/article-fallout.html">
been published</a>.
<P>
A third article definitely worth reading is
<a href="http://www.oreillynet.com/pub/a/policy/2002/08/15/lessig.html?page=1">
Lawrence Lessig's keynote speech</a>
from the O'Reilly Open Source Convention.
You can read it in html, and if your connection/patience is up to it you can
download the audio in mp3 format.
<P>
Finally, the Boston Review has an article entitled
<a href="http://bostonreview.mit.edu/BR27.3/bollier.html">
<em>Reclaiming the Commons</em></a>,
which has a lot of relevance to the Open
Source community. Further online comments and replies are
<a href="http://bostonreview.mit.edu/ndf.html#Market">
also available</a>.
<P> <hr> <P>
<!-- =================================================================== -->
<H3><IMG ALT=" " SRC="../gx/bolt.gif">
<FONT COLOR="green">Government
</FONT>
</H3>
<P>
Microsoft and other players on the proprietary software scene
have been sufficiently rattled by advances of open source software
into government infrastructure to
<a href="http://news.com.com/2100-1001-949527.html">
set up a lobby group</a> [News.com]
called
<em>The Initiative for Software Choice</em>
to convince governments in Europe and South America that legislation
favoring open-source software is not in their best interest.
<P>
This is a reaction to developments such as
California's proposed
<em>Digital Software Security Act</em>, which would forbid the state
from purchasing closed-source software. However,
<a href="http://lwn.net/Articles/7697/">
as LWN reports</a>, the law is quite extreme and has little chance of
actually being passed. None the less, it is good to see these ideas
floating into the mainstream. In a similar vein, it has been reported that
the Spanish Administration
<a href="http://newsvac.newsforge.com/article.pl?sid=02/08/02/1321207&mode=thread&tid=51">
has been pleased</a>
with its initial experiences of Linux.
Advogato <a href="http://www.advogato.org/article/524.html">
have the full story</a>.
<a name="links"></a>
<p><hr><p>
<!-- =================================================================== -->
<center><H3><font color="green">Linux Links</font></H3></center>
<p>
<IMG ALT="Linux Focus" SRC="../gx/linuxfocus.jpg" WIDTH="143" HEIGHT="45">
<BR CLEAR="all">
The following articles are in the July/August issue of the E-zine
<A HREF="http://www.linuxfocus.org/">LinuxFocus</A>:
<ul>
<li><a href="http://linuxfocus.org/English/September2002/article253.shtml">Frequency counter
1Hz-100Mhz with LCD display and RS232 interface</a><br></li>
<li><a href="http://linuxfocus.org/English/September2002/article255.shtml">Viruses: a concernfor all of us</a><br></li>
<li><a href="http://linuxfocus.org/English/September2002/article257.shtml">Using BibTeXML in
DocBook XML to Write Scientific Articles</a><br></li>
<li><a href="http://linuxfocus.org/English/September2002/article258.shtml">Understanding
+HD44780 compatible LCD-displays</a><br></li>
<li><a href="http://linuxfocus.org/English/September2002/article259.shtml">Midi with
alsa</a><br></li>
<li><a href="http://linuxfocus.org/English/September2002/article260.shtml">FreeBSD, a real
alternative</a><br></li>
<li><a href="http://linuxfocus.org/English/September2002/article261.shtml">L'heure du
Jazz++</a><br></li>
</ul>
<P>
A couple of links from <em>Linux Journal</em>
<ul>
<li>
<a href="http://www.linuxjournal.com/article.php?sid=6243">
New Yorkers for Fair Use Go to Washington</a>
"Here's what really happened at the meeting they're saying we 'disrupted'."
</li>
<li>
<a href="http://www.linuxjournal.com/article.php?sid=5653">
Part 1 of a HOWTO on RAID-1</a>
What it is, when to use it, how to make a RAID-1 device for an ext2
partition.
</li>
<li>
Doc Searls says LinuxWorld 2002 was
<a href="http://www.linuxjournal.com//article.php?sid=6285">
"More Business, Less Boothness"</a>.
</li>
</ul>
<P>
Some links from The Register:
<ul>
<li>
<a href="http://www.theregister.co.uk/content/4/26843.html">
A guide</a> to protecting your internet anonymity and security while
using Linux.
</li>
<li>
EU to force ISPs and telcos to
<a href="http://www.theregister.co.uk/content/6/26751.html">
retain data for one year</a>.
</li>
<li>
<a href="http://www.theregister.co.uk/content/6/26718.html">
Media giants demand ISPs block Web sites</a>,
The Great Firewall of Hollywood.
</li>
</ul>
<P>
And a few links from <a href="http://lwn.net/">Linux Weekly News</a>:
<ul>
<li>
Why Red Hat
<a href="http://lwn.net/Articles/8284/">
is not turning into Microsoft</a>
</li>
<li>
The new
<a href="http://www.openpkg.org/">
OpenPKG packaging system</a>. It's based on RPM 4, but is an
independent project. The
<a href="http://www.openpkg.org/faq.html">FAQ</a> explains a bit more
about it.
</li>
<li>
Wired
<a href="http://www.wired.com/news/business/0,1367,54712,00.html">
writes about ElcomSoft</a>.
</li>
<li>
Is Lindows
<a href="http://news.com.com/2100-1001-954884.html">
rethinking its marketing</a>?
</li>
</ul>
<P>
Michael Lucas at O'Reilly discusses how
<a href="http://www.onlamp.com/pub/a/bsd/2002/08/16/Big_Scary_Daemons.html">
using groups</a>
minimizes the need to give users the root password, while still allowing
them to accomplish their jobs.
<P>
<a href="http://www.infoworld.com/articles/hn/xml/02/08/15/020815hnperenshp.xml">
Infoworld report</a>
that
<a href="http://perens.com/">Bruce Perens</a> has left
<a href="http://www.hp.com/">HP</a>
to devote more time to activism
<P>
<a href="http://www.linuxandmain.com/modules.php?name=News&file=article&sid=180">
Linux and Main report</a>
on the release of GCC-3.2.
<P>
<a href="http://money.cnn.com/2002/08/14/technology/techinvestor/hellweg/index.htm">
CNN and Money Magazine</a> take a look at Linux.
<P>
Drew Daniels has written a report that
<a href="http://lists.debian.org/debian-devel-0207/msg02232.html">
describes methods of backing up a Debian system</a>. The
program cruft is used to find files that are not covered by properly
installed packages. This
complements the
<a href="http://www.debian.org/doc/manuals/system-administrator/ch-sysadmin-backup.html">
chapter in the sysadmin guide</a>
about making backups.
(<a href="http://www.debian.org/News/weekly/2002/30/">
From Debian Weekly News</a>.)
<P>
<a href="http://www.oreillynet.com/pub/a/network/2002/08/05/sterling.html">
Bruce Sterling's talk</a> on Open Source, from the recent
O'Reilly Open Source Convention.
<P> Linux
<a href="http://newsvac.newsforge.com/article.pl?sid=02/08/05/1654245&mode=thread&tid=23">
makes headlines</a>
in professional DJ circles
with
<a href="http://www.finalscratch.com/">Final Scratch</a>.
<P>
As a follow-up on the USB 2.0 announcement in last month's News Bytes, here's
<a href="http://www.linux-usb.org/usb2.html">
a FAQ</a> from linux-usb.org for your further information.
<a href="http://www.linux-usb.org/">
www.linux-usb.org</a>
is always good place to look if you have any problems with USB devices on
Linux.
<P>
Rick Moen has written a FAQ on
<a href="http://linuxmafia.com/wpfaq/">
WordPerfect on Linux</a>,
which also covers some other
topics of longer-term interest than the decline of WP.
(The FAQ is also available in
<a href="http://linuxmafia.com/wpfaq/wpfaq-singlepage.html">
single page format</a>.)
<P>
Some links from
<a href="http://slashdot.org/">
Slashdot</a>
<ul>
<li>
Some
<a href="http://slashdot.org/articles/02/08/13/1552223.shtml?tid3">
links from LinuxWorld</a>.
</li>
<li>
Recovering Windows partitions
<a href="http://slashdot.org/articles/02/08/04/000205.shtml?tid6">
with Linux</a>.
</li>
<li>
An internet for
<a href="http://www.theregister.co.uk/content/6/26612.html">
Europeans only</a>? The original story is at The Register, though
<a href="http://slashdot.org/articles/02/08/09/1646249.shtml?tid">
Slashdot featured it too</a>.
</li>
<li>
<a href="http://www.linuxdevices.com/articles/AT4528760742.html">
Whitepaper</a>
at LinuxDevices.com about the GPL and Linux, written by a law student
who, studying under Lawrence Lessig, analyzed the GPL, its
enforceability, and why the large companies that used to fear it are now
embracing it. There are
<a href="http://developers.slashdot.org/developers/02/08/28/1648253.shtml?tid=117">
Slashdot comments too</a>.
</li>
</ul>
<a name="conferences"></a>
<p><hr><p>
<!-- =================================================================== -->
<center><H3><font color="green">Upcoming conferences and events</font></H3></center>
<p><hr><p>
<!-- *** BEGIN events table [this line needed by Linux Gazette events.py *** -->
<table cellpadding=5 border=0 width=100%>
<tr><td valign=top>
<b>Communications Design Conference (CMP)</b><BR>
<td valign=top>September 23-26, 2002<BR>San Jose, California<BR>
<a href="http://www.commdesignconference.com/" target="_blank">
http://www.commdesignconference.com/</A><BR>
<tr><td colspan=2><HR size=5 width=100% noshade align=center></td></tr>
<tr><td valign=top>
<b>IBM eServer pSeries (RS/6000) and Linux Technical University</b><BR>
<td valign=top>October 14-18, 2002<BR>Dallas, TX<BR>
<a href="http://www-3.ibm.com/services/learning/conf/us/pseries/" target="_blank">
http://www-3.ibm.com/services/learning/conf/us/pseries/</A><BR>
<tr><td colspan=2><HR size=5 width=100% noshade align=center></td></tr>
<tr><td valign=top>
<b>Software Development Conference & Expo, East (CMP)</b><BR>
<td valign=top>November 18-22, 2002<BR>Boston, MA<BR>
<a href="http://www.sdexpo.com/" target="_blank">
http://www.sdexpo.com/</A><BR>
<tr><td colspan=2><HR size=5 width=100% noshade align=center></td></tr>
</table>
<!-- *** END events table [this line needed by Linux Gazette events.py *** -->
<P> Listings courtesy <EM>Linux Journal</EM>. See <EM>LJ</EM>'s
<A HREF="http://www.linuxjournal.com/events.php">Events</A> page for the
latest goings-on.
<a name="general"></a>
<p><hr><p>
<!-- =================================================================== -->
<center><H3><font color="green">News in General</font></H3></center>
<P> <hr> <P>
<!-- =================================================================== -->
<H3><IMG ALT=" " SRC="../gx/bolt.gif">
<FONT COLOR="green">The Samba Team needs your help
</FONT>
</H3>
<P>
<a href="http://www.samba.org">
The Samba Team</a> has a number of significant expenses and so
have decided to setup a donation system to allow users of Samba to make
contributions to help cover the cost of running samba.org and
developing Samba.
<P> <hr> <P>
<!-- =================================================================== -->
<H3><IMG ALT=" " SRC="../gx/bolt.gif">
<FONT COLOR="green">XBox Linux
</FONT>
</H3>
<P>
The project to get Linux running on an XBox is proceeding quickly.
In August
<a href="http://newsvac.newsforge.com/article.pl?sid=02/08/17/1558213&mode=thread&tid=23">
the news emerged</a>
that the
<a href="http://news.zdnet.co.uk/story/0,,t269-s2120784,00.html">
first functional version</a>
of
<a href="http://xbox-linux.sourceforge.net/">
XBox Linux</a>
had been released. At time of writing, the current release is 0.2, and
features framebuffer support
(<a href="http://xbox-linux.sourceforge.net/screenshots.php">screenshots here</a>).
ISO images are available for download from the
<a href="http://xbox-linux.sourceforge.net/">
project's Sourceforge site</a>.
The project has not run entirely smoothly, however, and it
<a href="http://newsforge.com/newsforge/02/08/28/180256.shtml?tid=23">
was recently reported</a>
that project founder Enrico Kern has left the development group due to
differences with the current team leader.
<P> <hr> <P>
<!-- =================================================================== -->
<H3><IMG ALT=" " SRC="../gx/bolt.gif">
<FONT COLOR="green">OpenSSH Trojaned
</FONT>
</H3>
<P>
<a href="http://www.openssh.org/">
OpenSSH</a> was trojaned in early August. The
<a href="http://www.linuxsecurity.com/advisories/other_advisory-2232.html">
LinuxSecurity.com advisory</a> has details on how to tell if you are
affected (basically, you should be worried if you downloaded the OpenSSH
source between 30th July 2002 and 1st August 2002).
<P>
You can read news coverage of the vulnerability
<a href="http://www.theregister.co.uk/content/55/26492.html">
at The Register</a>, and
<a href="http://slashdot.org/article.pl?sid=02/08/01/129228&mode=nested&tid=172">
at Slashdot</a>.
<P> <hr> <P>
<!-- =================================================================== -->
<H3><IMG ALT=" " SRC="../gx/bolt.gif">
<FONT COLOR="green">We Want Linux Survey
</FONT>
</H3>
<P>
<a href="http://www.wewantlinux.org">
We Want Linux</a>, a self-funded non-commercial group of IT professionals,
would like to see the computing consumer have as many options in the
marketplace as possible, and in particular would like to see those who have an
interest in GNU/Linux be able to try out a demo machine in stores like
CompUSA and Best Buy, the same way they can right now with Windows.
The group
also feels that the potential Linux desktop user ought to have the same
opportunity as those who use Windows, that is, to buy a computer with
Linux pre-loaded and thereby avoid the hassle of installing an
operating system.
To these ends the group have created a web site
<a href="http://www.wewantlinux.org">
www.wewantlinux.org</a>,
for the purpose of surveying the computer-buying public and
determining how much demand there is for off-the-shelf computers with
GNU/Linux pre-loaded. You are invited to visit the site and participate
in the survey. Once a significant amount of survey data has been gathered,
the findings will be presented to the retailers in the hope of persuading
them to demo Linux in their stores.
<a name="distro"></a>
<p><hr><p>
<!-- =================================================================== -->
<center><H3><font color="green">Distro News</font></H3></center>
<P> <hr> <P>
<!-- =================================================================== -->
<H3><IMG ALT=" " SRC="../gx/bolt.gif">
<FONT COLOR="green">Debian
</FONT>
</H3>
<P>
LinuxOrbit's tutorials on the
<a href="http://www.linuxorbit.com/modules.php?op=modload&name=Sections&file=index&req=viewarticle&artid=535">
Debian packaging tools</a>
and on the
<a href="http://www.linuxorbit.com/modules.php?op=modload&name=Sections&file=index&req=viewarticle&artid=532">
Debian way to install a kernel</a>
are probably of interest to most Debian users. Also likely to be of
interest is Jay Salzman's
<a href="http://tldp.org/HOWTO/mini/Debian-Jigdo/">
Debian Jigdo mini-HOWTO</a>
which was recently added to the Linux Documentation Project.
Jigdo has made retrieving Debian ISO images far easier and more convenient
than it was in the past.
<P> <hr> <P>
<!-- =================================================================== -->
<H3><IMG ALT=" " SRC="../gx/bolt.gif">
<FONT COLOR="green">Knoppix
</FONT>
</H3>
<P>
<a href="http://www.knopper.net/knoppix/index-en.html">
Knoppix 3.1</a>, a Debian based distro run entirely from CD was
<a href="http://newsvac.newsforge.com/article.pl?sid=02/08/01/004245&mode=thread&tid=23">
released recently</a>.
Knoppix
<a href="http://www.linuxandmain.com/modules.php?name=News&file=article&sid=162">featured</a>
as project of the week on Linux and Main.
<P> <hr> <P>
<!-- =================================================================== -->
<H3><IMG ALT=" " SRC="../gx/bolt.gif">
<FONT COLOR="green">Slackware
</FONT>
</H3>
<P>
Several security updates are now available for
<a href="http://www.slackware.com">
Slackware 8.1</a>, including
updated packages for Apache, glibc, mod_ssl, openssh, openssl, and php.
The details are in the Slackware 8.1
<a href="http://www.slackware.com/changelog/">
ChangeLog</a>.
<P> <hr> <P>
<!-- =================================================================== -->
<H3><IMG ALT=" " SRC="../gx/bolt.gif">
<FONT COLOR="green">SuSE
</FONT>
</H3>
<P>
Telia Connect,
a Danish subsidiary of Telia, a Scandinavian
telecommunications and Internet service provider, executed a
long-term agreement with the Nuremberg-based
<a href="http://www.suse.de/en">
SuSE Linux AG</a>
for the maintenance of its IBM zSeries G7 mainframe systems.
Telia Connect's positive experience with SuSE Linux Enterprise
Server started in 2001, when the ISP consolidated a heterogeneous
farm of 70 Unix servers on one IBM mainframe. Since then, the
Internet pages and e-mail accounts of more than 400,000 customers
continue to be processed on one single IBM S/390 mainframe.
<P>
<hr width="20%" noshade>
<P>
<a href="http://www.mtu.de/mtu">
MTU Aero Engines</a>
has decided to
<a href="http://www.suse.com/us/company/press/press_releases/archive02/mtu_aero_engines.html">
use a Linux cluster for its engine development</a>.
The Linux cluster
consists of 64 Dell PowerEdge 1550 standard rack servers with two
1.13 GHz Intel Pentium III processors each, and a total main
memory of 144 GB SDRAM for the implementation of additional
computing capacities.
SuSE Linux Enterprise Server 7
is used as
the operating system. The computers are networked using Fast
Ethernet and 2 GBit/s Myrinet.
<P> <hr> <P>
<!-- =================================================================== -->
<H3><IMG ALT=" " SRC="../gx/bolt.gif">
<FONT COLOR="green">UnitedLinux
</FONT>
</H3>
<P>
<a href="http://www.unitedlinux.com">
United Linux</a>
participants
<a href="http://www.caldera.com/">Caldera</a> (now The SCO Group),
<a href="http://www.conectiva.com/">
Conectiva</a>,
<a href="http://www.suse.de/en/">
SuSE Linux</a>
and
<a href="http://www.turbolinux.com/">
Turbolinux</a>
have announced that UnitedLinux will be available
as a closed beta product by the end of August to partners of the
four founding companies. It is expected to be publicly available
in open beta by the end of Q3 2002.
<P>
To participate in the UnitedLinux closed beta, please visit
<a href="http://www.unitedlinux.com">
www.unitedlinux.com</a>
or contact any of the four founding Linux
companies.
<a name="commercial"></a>
<p><hr><p>
<!-- =================================================================== -->
<center><H3><font color="green">Software and Product News</font></H3></center>
<P> <hr> <P>
<!-- =================================================================== -->
<H3><IMG ALT=" " SRC="../gx/bolt.gif">
<FONT COLOR="green">ispell-gaeilge
</FONT>
</H3>
<P>
<a href="http://borel.slu.edu/">
Kevin Scannell</a>
has announced the release of a new version of
his package <em>ispell-gaeilge</em>
(Irish language support for International Ispell),
and the launch of a completely new package <em>aspell-gaeilge</em>
which uses the same word list plus a description of Irish phonetics to
improve the suggestions when a misspelled word is encountered.
This second version works with Kevin Atkinson's "aspell" program.
<P>
More information (in English) is available from
<a href="http://borel.slu.edu/ispell/index-en.html">
http://borel.slu.edu/ispell/index-en.html</a>
<P> <hr> <P>
<!-- =================================================================== -->
<H3><IMG ALT=" " SRC="../gx/bolt.gif">
<FONT COLOR="green">NSA Security Enhanced Linux
</FONT>
</H3>
<P>
A new version of
<a href="http://www.nsa.gov/selinux/index.html">
NSA's Security-Enhanced Linux</a>
has
<a href="http://newsvac.newsforge.com/article.pl?sid=02/08/24/2239257&mode=thread&tid=2">
been released</a>,
dated August 23. It includes a 2.4.19-based kernel.
<P> <hr> <P>
<!-- =================================================================== -->
<H3><IMG ALT=" " SRC="../gx/bolt.gif">
<FONT COLOR="green">
GMx Configuration File Management Tool for Linux and UNIX
</FONT>
</H3>
<P>
<a href="http://www.gmxsolutions.com">
GMx Solutions</a>
has announced the release of
<a href="http://www.gmxsolutions.com/products/cm_safe.shtml">
CM_SAFE</a>
version 1.5 with support for Linux on iSeries and disaster-recovery
functionality. CM_SAFE provides configuration management and version
control for configuration files on Open Systems servers. Systems
administrators can save configurations to the configuration repository.
When a configuration problem occurs, they can retrieve a known-working
configuration with a single command.
<P>
The CM_SAFE server is available for Linux partitions on iSeries and zSeries,
with agent support available for all major UNIX distributions and platforms.
<P> <hr> <P>
<!-- =================================================================== -->
<H3><IMG ALT=" " SRC="../gx/bolt.gif">
<FONT COLOR="green">SableVM 1.0.0 Released
</FONT>
</H3>
<P>
<a href="http://www.sablevm.org/">
SableVM</a>
is a portable bytecode interpreter written in C, and implementing the Java
virtual machine specification, second edition. Its goals are to be
reasonably small, fast, and efficient, as well as providing a well-designed
and robust platform for conducting research.
<P>
SableVM implements many innovative techniques (bidirectional object
layout, spinlock-free thin locks, sparse interface vtables, etc.) and
is licensed under the terms of the GNU Lesser General Public License.
<P> <hr> <P>
<!-- =================================================================== -->
<H3><IMG ALT=" " SRC="../gx/bolt.gif">
<FONT COLOR="green">Manning Releases Extending and Embedding Perl Book
</FONT>
</H3>
<P>
<a href="http://www.manning.com/">
Manning's</a>
<em>Extending and Embedding Perl</em> aims to explain
how to expand the functionality and usefulness of the Perl programming
language and how to use Perl from C programs.
The book spends a lot of time discussing how to write interfaces to C
libraries (as well as C++ and Fortran libraries). It shows how to implement
Perl callbacks for C libraries, how to pass Perl hashes and arrays between
Perl and C, and how to use the Perl Data Language infrastructure to improve
the speed of array operations.
<P>
The book is available both in 384pp softbound format ($44.95), and 2Mb PDF
format ($13.50),
from the publisher at
<a href="http://www.manning.com/jenness">
www.manning.com/jenness</a>.
(Note, I have not reviewed this book - MC.)
<P> <hr> <P>
<!-- =================================================================== -->
<H3><IMG ALT=" " SRC="../gx/bolt.gif">
<FONT COLOR="green">Linux Compatible Christian Resources
</FONT>
</H3>
<P>
Rev. Linda Richard is planning to expand her
<a href="http://www.christianpdfpublications.com">
Christian Publications website</a> into a resource for those seeking
Linux Compatible Software which is religious/inspirational in its
content. Currently the site features a collection of documents in
relatively Linux-friendly formats (PDF), but there are plans to include
further resources and links to resources.
<P> <hr> <P>
<!-- =================================================================== -->
<H3><IMG ALT=" " SRC="../gx/bolt.gif">
<FONT COLOR="green">Appligent Releases SecurSign 2.0
</FONT>
</H3>
<P>
<a href="http://www.appligent.com">
Appligent</a>,
a suburban-Philadelphia software developer and provider of
PDF-related software applications is introducing SecurSign 2.0,
a server-based solution that allows for the high-volume, on-demand
application of security and digital signatures to PDF documents. SecurSign
2.0 also offers user and owner passwords and restrictions for printing,
modifying, and copying text and graphics, as well as adding or changing
notes and form fields.
<P>
SecurSign 2.0 is compatible with the Adobe Acrobat Digital Signature
Mechanism found in Acrobat 4.0 and 5.0, and documents signed using
SecurSign 2.0 can be verified using Adobe Acrobat. SecurSign 2.0 is
available for Windows, Linux 7, AIX, Mac OS X, Solaris and HP-UX.
<P> <hr> <P>
<!-- =================================================================== -->
<H3><IMG ALT=" " SRC="../gx/bolt.gif">
<FONT COLOR="green">Other Software
</FONT>
</H3>
<P>
<a href="http://rr.codefactory.se/">RoadRunner</a> has reached version 0.9.
RoadRunner is an application toolkit library implementing BEEP (Blocks
Extensible Exchange Protocol).
(LG wonders if RoadRunner 1.0 will implement the BEEP-BEEP protocol ;-).
<!-- *** BEGIN copyright *** -->
<hr>
<CENTER><SMALL><STRONG>
Copyright &copy; 2002, .
Copying license <A HREF="../copying.html">http://www.linuxgazette.com/copying.html</A><BR>
Published in Issue 82 of <i>Linux Gazette</i>, September 2002</H5>
</STRONG></SMALL></CENTER>
<!-- *** END copyright *** -->
<HR>
<TABLE BORDER><TR><TD WIDTH="200">
<A HREF="http://www.linuxgazette.com/">
<IMG ALT="LINUX GAZETTE" SRC="../gx/2002/lglogo_200x41.png"
WIDTH="200" HEIGHT="41" border="0"></A>
<BR CLEAR="all">
<SMALL>...<I>making Linux just a little more fun!</I></SMALL>
</TD><TD WIDTH="380">
<center>
<BIG><BIG><STRONG><font color="maroon">Ecol</font></STRONG></BIG></BIG><BR>
<STRONG>By Javier Malonda at <A
HREF="http://escomposlinux.org">escomposlinux.org</A></STRONG></BIG>
</TD></TR>
</TABLE>
<P>
<!-- END header -->
<A HREF="mailto:antonio@escomposlinux.org">Antonio</A> from
<A HREF="http://escomposlinux.org/">escomposlinux.org</A> writes:
<BLOCKQUOTE><EM>
Hi. I am a member of escomposlinux.org, an organization supporting the
es.comp.os.linux.* newsgroups. Some years ago, a fellow member had the
wonderful idea of drawing a weekly comic strip based on linux.
<P> Well, recently, the strip has been translated into English (ajem, we
are doing our best ;-)
<P> The Spanish (ogirinally the only one) version is at
<A HREF="http://tira.escomposlinux.org">tira.escomposlinux.org</A>,
and the English translation at
<A HREF="http://comic.escomposlinux.org">comic.escomposlinux.org</A>.
</EM></BLOCKQUOTE>
Here are a few of the best cartoons since the comic started in January 2001.
<P>
<IMG SRC="misc/ecol/ecol-02-e.png">
<IMG SRC="misc/ecol/ecol-04-e.png">
<IMG SRC="misc/ecol/ecol-05-e.png">
<IMG SRC="misc/ecol/ecol-09-e.png">
<IMG SRC="misc/ecol/ecol-10-e.png">
<IMG SRC="misc/ecol/ecol-11-e.png">
<IMG SRC="misc/ecol/ecol-12-e.png">
<IMG SRC="misc/ecol/ecol-13-e.png">
<IMG SRC="misc/ecol/ecol-14-e.png">
<IMG SRC="misc/ecol/ecol-17-e.png">
<IMG SRC="misc/ecol/ecol-18-e.png">
<IMG SRC="misc/ecol/ecol-23-e.png">
<IMG SRC="misc/ecol/ecol-26-e.png">
<IMG SRC="misc/ecol/ecol-28-e.png">
<IMG SRC="misc/ecol/ecol-39-e.png">
<IMG SRC="misc/ecol/ecol-41-e.png">
<IMG SRC="misc/ecol/ecol-48-e.png">
<IMG SRC="misc/ecol/ecol-49-e.png">
<IMG SRC="misc/ecol/ecol-50-e.png">
<IMG SRC="misc/ecol/ecol-54-e.png">
<IMG SRC="misc/ecol/ecol-63-e.png">
<IMG SRC="misc/ecol/ecol-68-e.png">
<IMG SRC="misc/ecol/ecol-71-e.png">
<IMG SRC="misc/ecol/ecol-74-e.png">
<!-- *** BEGIN bio *** -->
<!-- *** END bio *** -->
<!-- *** BEGIN copyright *** -->
<hr>
<CENTER><SMALL><STRONG>
Copyright &copy; 2002, Javiar Malonda at escomposlinux.org.
Copying license <A HREF="../copying.html">http://www.linuxgazette.com/copying.html</A><BR>
Published in Issue 82 of <i>Linux Gazette</i>, September 2002
</STRONG></SMALL></CENTER>
<!-- *** END copyright *** -->
<HR>
<TABLE BORDER><TR><TD WIDTH="200">
<A HREF="http://www.linuxgazette.com/">
<IMG ALT="LINUX GAZETTE" SRC="../gx/2002/lglogo_200x41.png"
WIDTH="200" HEIGHT="41" border="0"></A>
<BR CLEAR="all">
<SMALL>...<I>making Linux just a little more fun!</I></SMALL>
</TD><TD WIDTH="380">
<center>
<BIG><BIG><STRONG><FONT COLOR="maroon">Qubism</FONT></STRONG></BIG></BIG><BR>
<STRONG>By <A HREF="mailto:sirflakey@core.org.au">Jon "Sir Flakey" Harsem</A></STRONG></BIG>
</TD></TR>
</TABLE>
<P>
<!-- END header -->
<BLOCKQUOTE><EM>
[These cartoons are scaled down to fit into LG.
To see a panel in all its clarity, click on it. -Editor (Iron).]
</EM></BLOCKQUOTE>
<P>
<A HREF="misc/qubism/qb-refuse.jpg">
<IMG ALT="[cartoon]" SRC="misc/qubism/qb-refuse.jpg"
WIDTH="640" HEIGHT="240"></A>
<BR CLEAR="all">
<A HREF="misc/qubism/qb-smallnsquishy.jpg">
<IMG ALT="[cartoon]" SRC="misc/qubism/qb-smallnsquishy.jpg"
WIDTH="640" HEIGHT="240"></A>
<BR CLEAR="all">
<P> All Qubism cartoons are
<A HREF="http://www.core.org.au/modules.php?name=Cartoons">here</A>
at the CORE web site.
<!-- *** BEGIN bio *** -->
<SPACER TYPE="vertical" SIZE="30">
<P>
<H4><IMG ALIGN=BOTTOM ALT="" SRC="../gx/note.gif">Jon "SirFlakey" Harsem</H4>
<EM>Jon is the creator of the Qubism cartoon strip and current
Editor-in-Chief of the
<A HREF="http://www.core.org.au/">CORE</A> News Site.
Somewhere along the early stages of
his life he picked up a pencil and started drawing on the wallpaper. Now
his cartoons appear 5 days a week on-line, go figure. He confesses to
owning a Mac but swears it is for "personal use".</EM>
<!-- *** END bio *** -->
<!-- *** BEGIN copyright *** -->
<hr>
<CENTER><SMALL><STRONG>
Copyright &copy; 2002, Jon "Sir Flakey" Harsem.
Copying license <A HREF="../copying.html">http://www.linuxgazette.com/copying.html</A><BR>
Published in Issue 82 of <i>Linux Gazette</i>, September 2002</H5>
</STRONG></SMALL></CENTER>
<!-- *** END copyright *** -->
<HR>
<TABLE BORDER><TR><TD WIDTH="200">
<A HREF="http://www.linuxgazette.com/">
<IMG ALT="LINUX GAZETTE" SRC="../gx/2002/lglogo_200x41.png"
WIDTH="200" HEIGHT="41" border="0"></A>
<BR CLEAR="all">
<SMALL>...<I>making Linux just a little more fun!</I></SMALL>
</TD><TD WIDTH="380">
<center>
<BIG><BIG><STRONG><FONT COLOR="maroon">Writing your own Toy OS - Part III</FONT></STRONG></BIG></BIG><BR>
<STRONG>By <A HREF="mailto:raghu4jm@yahoo.com">Raghu and Chitkala</A></STRONG></BIG>
</TD></TR>
</TABLE>
<P>
<!-- END header -->
<BLOCKQUOTE><EM>
[Krishnakumar is unable to continue this series himself due to other
commitments, so he has handed it over to his junior colleagues,
Raghu and Chitkala, who have written part III. -Editor.]
</EM></BLOCKQUOTE>
<p>
In Parts <A HREF="../issue77/krishnakumar.html">I</A> and <A
HREF="../issue79/krishnakumar.html">II</A> of this series, we examined the
process of using tools available with Linux to build a simple boot sector and
access the system BIOS. Our toy OS will be closely modelled after a `historic'
Linux kernel - so we have to switch to protected mode real soon! This part
shows you how it can be done.
<h2>1. What is <u>Protected Mode </u>?</h2>
<p>The 80386+ provides many new features to overcome the
deficiencies of 8086 which has almost no support for memory
protection, virtual memory, multitasking, or memory above 640K -
and still remain compatible with the 8086 family. The 386 has all
the features of the 8086 and 286, with many more enhancements. As
in the earlier processors, there is the real mode. Like the 286,
the 386 can operate in protected mode. However, the protected
mode on 386 is vastly different internally. Protected mode on the
386 offers the programmer better protection and more memory than
on the 286. The purpose of protected mode is not to protect your
program. The purpose is to protect everyone else (including the
operating system) from your program.</p>
<h2>1.1 Protected Mode vs Real Mode</h2>
<p>Superficially protected mode and real mode don't seem to be
very different. Both use memeory segmentation, interrupts and
device drivers to handle the hardware. But there are differences
which justify the existence of two separate modes. In real mode,
we can view memory as 64k segments atleast 16bytes apart.
Segmentation is handled through the use of an internal mechanism
in conjunction with segment registers. The contents of these
segment registers (CS,DS,SS...) form part of the physical address
that the CPU places on the addresss bus. The physical address is
generated by multiplying the segment register by 16 and then
adding a 16 bit offset. It is this 16 bit offset that limits us
to 64k segments.</p>
<p><em><strong>fig 1 : Real Mode Addressing </strong></em></p>
<p><img src="misc/raghu/fig1.png" width="349"
height="138"></p>
<p>In protected mode, segmentation is defined via a set of tables
called descriptor tables. The segment registers contain pointers
into these tables. There are two types of tables used to define
memory segmentation : The Global Descriptor Table and The Local
Descriptor Table. The GDT contains the basic descriptors that all
applications can access. In real mode one segment is 64k big
followed by the next in a 16 byte distance. In protected mode we
can have a segment as big as 4Gb and we can put it wherever we
want. The LDT contains segmentation information specific to a
task or program. An OS for instance could set up a GDT with its
system descriptors and for each task an LDT with appropriate
descriptors. Each descriptor is 8 bytes long. The format is given
below (fig 3). Each time a segment register is loaded, the base
address is fetched from the appropriate table entry. The contents
of the descriptor is stored in a programmer invisible register
called shadow registers so that future references to the same
segment can use this information instead of referencing the table
each time. The physical address is formed by adding the 16 or 32
bit offset to the base address in the shadow register.These
differences are made clear in figures 1 and 2.</p>
<p><em><strong>fig 2 : Protected Mode Addressing</strong></em></p>
<p><img src="misc/raghu/fig2.png" width="436"
height="233"></p>
<p><em><strong>fig 3 : Segment Descriptor Format</strong></em></p>
<p><img src="misc/raghu/fig3.png" width="432"
height="130"></p>
<p>We have yet another table called the interrupt descriptor
table or the IDT. The IDT contains the interrupt descriptors.
These are used to tell the processor where to find the interrupt
handlers. It contains one entry per interrupt, just like in Real
Mode, but the format of these entries is totally different. We
are not using the IDT in our code to switch to the protected mode
so further details are not given. </p>
<h2>2. Entering Protected Mode</h2>
<p>The 386 has four 32 bit control registers named CR0, CR1, CR2
and CR3. CR1 is reserved for future processors, and is
undefined for the 386. CR0 contains bits that enable and
disable paging and protection and bits that control the
operation of the floating point coprocessor. CR2 and CR3 are
used by the paging mechanism. We are concerned with bit 0 of the
CR0 register or the PE bit or the protection enable bit. When PE
= 1, the processor is said to be operating in protected mode with
the segmentation mechanism we described earlier. If PE = 0, the
processor operates in real mode. The 386 also has the
segmentation table base registers like GDTR, LDTR and
IDTR.These registers address segments that contain the descriptor
tables. The GDTR points to the GDT. The 48 bit GDTR defines the
base and the limit of the GDT directly with a 32 bit linear
address and a 16 bit limit.</p>
<p>Switching to protected mode essentially implies that we set
the PE bit. But there are a few other things that we must do. The
program must initialise the system segments and control
registers. Immediately after setting the PE bit to 1 we have to
execute a jump instruction to flush the execution pipeline of any
instructions that may have been fetched in the real mode. This
jump is typically to the next instruction. The steps to switch to
protected mode then reduces to the following :</p>
<ol>
<li>Build the GDT.</li>
<li>Enable protected mode by setting the PE bit in CR0.</li>
<li>Jump to clear the prefetch queue.</li>
</ol>
<p>We'll now give the code to perform this switching. </p>
<h2>3. What we need </h2>
<ul>
<li>a blank floppy</li>
<li>NASM assembler</li>
</ul>
<p>
<a href="misc/raghu/code.asm.txt">Click here</a> to download the code.
Type in the code to a file by name abc.asm.
Assemble it by typing the command <strong>nasm abc.asm</strong>.
This will produce a file called abc. Then insert the floppy and
type the following command <strong>dd if=abc of=/dev/fd0.</strong>
This command will write the file abc to the first sector of the
floppy. Then reboot the system. You should see the following
sequence of messages.</p>
<ul>
<li>Our os booting........................</li>
<li>A (Brown colour)</li>
<li>Switching to protected mode....</li>
<li>A (White colour)</li>
</ul>
<h2>4. The Code that does everything !</h2>
<p>We'll first give the code to perform the switching. It is
followed by a detailed explanation. </p>
<p>As mentioned in the previous article (Part 1) the BIOS selects
the boot device and places the first sector into the address 0x7c00.
We thus start writung our code at 0x7c00.This is what is implied by
the org directive.</p>
<h2>FUNCTIONS USED</h2>
<p><strong>print_mesg</strong>: This routine uses the subfunction 13h
of BIOS interrupt 10h to write a string to the screen.The attributes
are specified by placing appropriate values in various registers.
Interrupt 10h is used for various string manipulations.We store the
subfn number 13h in ah which specifies that we wish to print a string.
Bit 0 of the al register determines the next cursor position;if it is
0 we return to the beginning of the next line after the function call,
if it is 1 the cursor is placed immediately following the last
character printed.</p>
<p>The video memory is split into several pages called
video display pages.Only one page can be displayed at a time(For
further details on video memory refer Part 1).The contents of bh
indicates the page number,bl specifies the colour of the character to
be printed. cx holds the length of the string to be printed.Register
dx specifies the cursor position. Once all the attributes have been
initialised we call BIOS interrupt 10h.</p>
<p><strong>get_key</strong>: We use BIOS interrupt 16h whose sub
function 00h is used to get the next character from the screen.
Register ah holds the subfn number.</p>
<p><strong>clrscr</strong>: This function uses yet another subfn of
int 10h i.e 06h to clear the screen before printing a string.To
indicate this we initialise al to 0.Registers cx and dx specify the
window size to be cleared;in this case it is the entire screen.
Register bh indicates the colour with which the screen has to be
filled;in this case it is black.</p>
<h2><strong>Where everything begins !!</strong></h2>
<p>The first assembly language statement is a short jump to the
begin_boot code.We intend to print a brown 'A'in real-mode,set up a
GDT,switch to protected mode and print a white 'A'.Both these modes
use their own addressing methods.</p>
<p><strong>In Real-Mode</strong> :</p>
<p>We use segment register gs to point to video memory.We use a CGA
adapter(default base address 0xb8000).But hey we have a missing 0 in
the code.Well the Real-mode segmentation unit provides the additional
0.This is a matter of convenience,as the 8086 usually does a 20bit
address manipulation.This has been carried over in the real-mode
addressing of the 386.The ascii value for A is 0x41;0x06 specifies
that we need a brown coloured character.The display stays till we
press a key.Next let us display a message on the screen saying we are
going to the world of protected mode.So let us point the bp(base
pointer register to the message to be printed).</p>
<p><strong>Launchpad to the protected mode</strong> :</p>
<p>We don't need any interrupts bothering us,while in protected mode
do we ?So lets disable them(interrupts that is).That is what cli does.
We will enable them later.So lets start by setting up the GDT.We
initialise 4 descriptors in our attempt to switch to protected mode.
These descriptors initialise our code segment(code_gdt), data and stack
segments (data_gdt) and the video segment in order to access the video
memory. A dummy descriptor is also initialised although it's never
used except if you want to triple fault of course. This is a null
descriptor. Let us probe into some of the segment descriptor fields.
</p>
<ul>
<li> The first word holds the limit of the segment, which for
simplicity is assigned the maximum of FFFF(4G). For the video
segment we set a predefined value of 3999 (80 cols * 25 rows
* 2bytes - 1).</li>
<li> The base address of the code and data segments is set to 0x0000.
For the video segment it is 0xb8000 (Video Memory base address).
</li>
</ul>
<p> The GDT base address has to be loaded into GDTR system register.
The gdtr segment is loaded with the size of the GDT in the first word
and the base address in the next dword. The lgdt instruction then loads
the gdt segment into the GDTR register.Now we are ready to actually
switch to pmode. We start by setting the least significant bit of CR0
to 1( ie the PE bit).We are not yet in full protected mode!</p>
<p>Section 10.3 of the INTEL 80386 PROGRAMMER'S REFERENCE MANUAL 1986
states : Immediately after setting the PE flag,the initialization
code must flush the processor's instruction prefetch queue by
executing a JMP instruction.The 80386 fetches and decodes instructions
and addresses before they are used; however, after a change into
protected mode, the prefetched instruction information (which pertains
to real-address mode) is no longer valid. A JMP forces the processor
to discard the invalid information.</p>
<p>We are in protected mode now. Want to check it out? Let's get our
A printed in white. For this we initialise the data and extra segments
with the data segment selector (datasel). Initialise gs with the video
segment selector (videosel). To display a white 'A' move a word
containing the ascii value and attribute to location [gs:0000] ie
b8000 : 0000. The spin loop preserves the text on the screen until
the system is rebooted.</p>
<p>The times instruction is used to fill in 0s in the remaining
unused bytes of the sector.To indicate that this is a bootable sector
we write AA55 in bytes 511,512. That's about all. </p>
<!-- *** BEGIN bio *** -->
<P>
<H4><IMG ALIGN=BOTTOM ALT="" SRC="../gx/note.gif">Raghu and Chitkala</H4>
<EM>Raghu and Chitkala are seventh-semester students at the Government
Engineering College, Thrissur, India. Their final-year project is porting User
Mode Linux to BSD. Their interests include Operating Systems, Networking and
Microcontrollers.</EM>
<!-- *** END bio *** -->
<!-- *** BEGIN copyright *** -->
<hr>
<CENTER><SMALL><STRONG>
Copyright &copy; 2002, Raghu and Chitkala.
Copying license <A HREF="../copying.html">http://www.linuxgazette.com/copying.html</A><BR>
Published in Issue 82 of <i>Linux Gazette</i>, September 2002</H5>
</STRONG></SMALL></CENTER>
<!-- *** END copyright *** -->
<HR>
<TABLE BORDER><TR><TD WIDTH="200">
<A HREF="http://www.linuxgazette.com/">
<IMG ALT="LINUX GAZETTE" SRC="../gx/2002/lglogo_200x41.png"
WIDTH="200" HEIGHT="41" border="0"></A>
<BR CLEAR="all">
<SMALL>...<I>making Linux just a little more fun!</I></SMALL>
</TD><TD WIDTH="380">
<center>
<BIG><BIG><STRONG><FONT COLOR="maroon">Kerberos: The watchdog of the Ether</FONT></STRONG></BIG></BIG><BR>
<STRONG>By <A HREF="mailto:rajshekhar3007@yahoo.co.in">Raj Shekhar</A></STRONG></BIG>
</TD></TR>
</TABLE>
<P>
<!-- END header -->
<h2>Introduction</h2>
<p>The first computer networks were used to send e-mails and share files and printers
between researchers and corporate employees. In such a scenario security was
not given much thought. Now the computer networks (especially the Internet)
are used by millions for banking, shopping and filing their tax returns, and
network security has become a major problem. Network security can be divided
into four areas.
<dl>
<dt><STRONG>Secrecy</STRONG> </dt>
<dd>Secrecy has to do with keeping information out of the reach of nosy unauthorized
people. </dd>
<dt><STRONG>Authentication</STRONG></dt>
<dd>Authentication deals with determining the identity of the communication
partner, whether it/he/she is an impostor or the real thing. </dd>
<dt><STRONG>Non repudiation</STRONG></dt>
<dd>Non repudiation deals with signatures: it uniquely identifies the sender
of a message or file. How can you prove that the order for "10 million left
shoes only" came from your customer when he claims he ordered "10 right shoes
only". </dd>
<dt><STRONG>Integrity control</STRONG></dt>
<dd>Integrity control assures that vital data has not been modified. Integrity
is critical for conducting commerce over the Internet. Without assured integrity,
purchase orders, contracts, specifications, or stock purchase orders could
be modified with devastating effects. </dd>
</dl>
<h2>Need for Authentication</h2>
<p> Why do we need an authentication service? An authentication service verifies
the identity of the communication partner. Authentication is a fundamental building
block of a secure network environment. If a server knows for certain the identity
of its client, it can decide whether to provide it a particular service (for
example.. printing facility) or not, whether to give the user special privileges etc. As
an aside authentication and <em>authorization</em> are different. If user Foo
says <em> "delete file bar"</em>, then the problem of verifying whether the
command came from Foo is authentication. The problem of verifying whether Foo
has permission to delete file bar is authorization. </p>
<p> Let's take an example of Alice, who wishes to deal with Bob, her banker. In real
life Bob and Alice can authenticate each other by recognizing each others faces,
voices or handwriting . However if they wish to transact over network none of
these options are available. How can Bob be sure that the request to transfer
all of Alice's money to a secret Swiss bank account came from Alice and not
from Eve? </p>
<p>This is where an authentication service comes in. Alice starts by sending out
a message to Bob. As these messages are being sent, we have Eve, an intruder,
who may intercept, modify or replay the messages to trick Alice and Bob or just
to throw a spanner in the works. Nevertheless when the authentication is
complete, Alice
is sure she is talking to Bob and Bob is sure that he is talking to Alice. </p>
<h2>Enter Kerberos</h2>
<p>Kerberos was created by MIT as a solution to network security problems. It
has its roots in Project Athena, started in 1983. The aim of Project Athena
was to create an educational computing environment built around high-performance
graphic workstations, high speed networking, and servers of various types. Project
Athena used Kerberos as its authentication system. The name Kerberos comes from
Greek mythology; it is the three-headed dog that guarded the entrance to Hades.
The Kerberos protocol uses strong cryptography so that a client can prove its
identity to a server (and vice verse) across an insecure network connection.
After a client and server have used Kerberos to prove their identity, they can
also encrypt all of their communications to assure privacy and data integrity
as they go about their business. </p>
<p>From
<a title="http://web.mit.edu/Kerberos/www/ " href="http://web.mit.edu/Kerberos/www/">
http://web.mit.edu/Kerberos/www/</a>
<blockquote><em>
Many of the protocols used in the Internet do not provide any security.
Tools to "sniff" passwords off the network are in common use by systems crackers.
Thus, applications which send an unencrypted password over the network are extremely
vulnerable. Worse yet, other client/server applications rely on the client program
to be "honest" about the identity of the user who is using it .Other applications
rely on the client to restrict its activities to those which it is allowed to
do, with no other enforcement by the server.</em> </blockquote>
<p> The original design and implementation of Kerberos Versions 1 through 4 was
the work of two former Project Athena staff members, Steve Miller of Digital
Equipment Corporation and Clifford Neuman (now at the Information Sciences Institute
of the University of Southern California), along with Jerome Saltzer, Technical
Director of Project Athena, and Jeffrey Schiller, MIT Campus Network Manager.
Many other members of Project Athena have also contributed to the work on Kerberos.
The latest version of Kerberos 4 from MIT is patch level 10.It is officially
considered "dead" by MIT; all current development is concentrated on Kerberos
5. The latest version of Kerberos 5 is 1.2.1. </p>
<h2>Some Keywords First </h2>
<p> The art of devising ciphers is known as <strong>cryptography</strong> and
breaking them is known as <strong>cryptanalysis</strong>; together they are
known as <strong>cryptology </strong>. The message to be encrypted is known
as <strong>plaintext</strong> or <strong>cleartext</strong>. The plaintext is
encrypted by using a function, which takes as a parameter a <strong>key</strong>.
The output of the encryption process is known as <strong>ciphertext </strong>.When
ciphertext is put through a <strong> decryption function</strong>, we get back
the plaintext. Going back to our story of Alice and Bob, they (Alice and Bob)
are sometimes referred to as <strong>principals</strong>, the main characters
of the story. </p>
<p> Traditionally, the encryption key is same as the decryption key. The key is
known only to the principals. Such a key is known as <strong>shared secret
key</strong>. However in a cypto system proposed by Diffie and Hellman
(researchers
at Stanford University) in 1976, the encryption and decryption keys are
different. The
key to be used for encryption is made public so that messages to be sent to
that user can be encrypted using the publicly available key. This key is known
as the <strong> public key</strong>. Each user also has a <strong>private key
</strong>,known only to the user, which is used for decrypting messages sent
to the user. This system is known as <strong>public-key cryptography </strong>,
to contrast with shared-key cryptography. The RSA algorithm is an example of
public-key cryptography. </p>
<h2>And Some More ...</h2>
<p> Before describing the authentication process, it is important to remove ambiguities
in the terms to be used. </p>
<p> Often network applications are made of two parts,
<ul>
<li>the part which requests a service, called the client side of the application
</li>
<li>the part which provides the service, called the server side of the application
</li>
</ul>
In a sense, every entity that uses the Kerberos system is a client. To distinguish
between the Kerberos client and the client of a service, the client using the
Kerberos service is known as a <strong>Kerberos client</strong>. The term <strong>application
server</strong> refers to the server part of the application, that the clients
communicate with using Kerberos for authentication.
<p></p>
<p> Kerberos is a trusted <strong>third party authentication system</strong>. It
is trusted in the sense that each of its client believes the judgment of the
Kerberos' as to the identity of each of its other client to be accurate. To
prove to the application server that it (Kerberos client) is trusted by the
Kerberos server, it uses a <strong>ticket </strong>.In order for the Kerberos
client to use any application server, a ticket is required. The server examines
the ticket to verify the identity of the user. If all checks out, then the client
is accepted. Along with a ticket an <strong>authenticator</strong> is also used
by a Kerberos client to prove its identity. The authenticator contains the additional
information which, when compared against that in the ticket proves that the
client presenting the ticket is the same one to which the ticket was issued.
</p>
<p>Kerberos maintains a database of its clients and their private keys for authentication.
Because Kerberos knows these private keys, it can create messages which convince
one client that another is really who it claims to be. The designers did not
expect the entire world to trust a single database, so they made provision for
having different <strong>realms</strong>. The realm is an administrative entity
that maintains authentication data. Each organization wishing to run a Kerberos
server establishes its own "realm". </p>
<h2>And Now the Details </h2>
<p> Kerberos assumes that the Kerberos clients are not trustworthy and requires
the client to identify itself every time a service is requested from some other
Kerberos client. The technique used by Kerberos are unobtrusive. Kerberos follows
the following guidelines:
<ul>
<li>Passwords are never sent across the network in cleartext. They are always
encrypted. Additionally, passwords are never stored on Kerberos clients or
server in cleartext.</li>
<li>Every client has a password i.e. every application server, user, Kerberos client
has a password.</li>
<li>The <em>only </em> entity that knows all the password is the Kerberos server
and it operates under considerable physical security. </li>
</ul>
<p> Both the client and the application server are required to have keys registered
with the authentication server (AS). If the client is a user, his key is derived
from a password that he chooses; the key for a service (for example. a printing daemon)
is a randomly selected key. These keys are negotiated during the registration
of the clients. </p>
The authentication process proceeds as follows:
<ol>
<li>A client sends a request to the authentication server requesting "credentials"
for a given application server. The credentials consist of a ticket for the
server and a session key. The ticket contains, along with other fields, the
name of the server, the name of the client, the Internet address of the client,
a timestamp, a lifetime, and session key. This information (the ticket) is
encrypted using the key of the server for which the ticket will be used.
Once the ticket has been issued, it may be used multiple times by the named client
to gain access to the named server, until the ticket expires.
<blockquote><em> Why is a timestamp included? The timestamp is put to prevent
someone else from copying the ticket and using it to impersonate the Kerberos
client at a later time. This type of attack is known as a r<strong>eplay</strong>.
Because
clocks don't always work in perfect synchrony, a small amount of leeway
(about five minutes is typical) is given between the timestamp and the current
time. </em> </blockquote>
</li>
<li>The AS responds with these credentials (the ticket and the session key),
encrypted in the client's key. The AS also includes its name in the credentials
to convince the Kerberos client that the decryption by the server was
successful
and the message came from the server.
<blockquote><em> The AS does not know whether the client is actually the principal
which initiated the request for a the ticket. It simply sends a reply without
knowing or caring whether they are the same. This is acceptable because
nobody but the Kerberos client whose identity was given in the request will
be able to use the reply. Its critical information is encrypted in that
principal's key. </em> </blockquote>
</li>
<li>The Kerberos client decrypts the credentials using its key to extract the
session key. Note that because the ticket is encrypted in the key of the application
server, a Kerberos client cannot decrypt it.</li>
<li>In order to gain access to the application server, the Kerberos client builds
an authenticator containing the client<6E>s name and IP address, and the current
time. The authenticator is then encrypted in the session key that was received
with the ticket for the server. The client then sends the authenticator along
with the ticket to the server. </li>
<li> The service decrypts the ticket with its own key, extracting the session
key and the identity of the Kerberos client which the server sent it inside
the ticket. It then opens the authenticator with the session key. The authenticator
and the ticket demonstrate the identity of the client. </li>
<li> The session key (now shared by the client and application server) is used
to authenticate the client, and may optionally be used to authenticate the
server. It may also be used to encrypt further communication between the two
parties or to exchange a separate sub-session key to be used to encrypt further
communication. </li>
</ol>
<h3>The Ticket Granting Ticket</h3>
<p>One of the goals of the Kerberos system is to remain as unobtrusive as
possible. In the above exchange, the Kerberos client has to enter in a password every time
it has to decrypt the credentials passed to it by the AS . If the Kerberos client
is a user it becomes quite irritating to enter his password to have a file
printed or whenever he wants modify a file on the network (remember that the
key is derived from the user's password). The obvious way around this is to
cache the key derived from the password. But caching the key is dangerous. With
a copy of this key, an attacker could impersonate the user at any time (until
the password is next changed). </p>
<p>Kerberos resolves this problem by introducing a new agent, called the ticket
granting server (TGS). The TGS is logically distinct from the AS, although they
may reside on the same physical machine. (They are often referred to collectively
as the KDC--the Key Distribution Center). The function of the TGS is as follows.
Before accessing any regular service, the user requests a ticket to contact
the TGS, just as if it were any other service. This usually occurs when the
user first logins into the system. This ticket is called the ticket granting
ticket (TGT). After receiving the TGT, any time that the user wishes to contact
a service, he requests a ticket not from the AS, but from the TGS. Furthermore,
the reply is encrypted not with the user's secret key, but with the session
key that the AS provided for use with the TGS. Inside that reply is the new
session key for use with the regular service. The rest of the exchange now continues
as described above. The TGT is good only for a fairly short period, typically
eight hours. </p>
<h3>Cross Realm Authentication</h3>
<p>
The Kerberos protocol is designed to operate across organizational
boundaries. A client in one organization can be authenticated to a
server in another. Each organization wishing to run a Kerberos
server establishes its own "realm". The name of the realm in which a
client is registered is part of the client's name, and can be used by
the application server to decide whether to honor a request.
</p>
<p> By establishing "inter-realm" keys, the administrators of two realms can allow
a client authenticated in the local realm to use its authentication remotely
The exchange of inter-realm keys registers the ticket-granting service of each
realm as a principal in the other realm. A client is then able to obtain a ticket-granting
ticket for the other realm's ticket-granting service from its local realm. When
that ticket-granting ticket is used, the other ticket-granting service uses
the inter-realm key (which usually differs from its own normal TGS key) to decrypt
the ticket-granting ticket, and is thus certain that it was issued by the client's
own TGS. Tickets issued by the remote ticket- granting service will indicate
to the end-service that the client was authenticated from another realm.
</p>
<h2>Conclusion</h2>
<p>Kerberos is not a one-shot solution to the network security problem.Trust is inherent
throughout the system: the client trusts Kerberos, if it correctly provides the client's
encryption key.The application trusts the client if the client successfully provides a
ticket that is encrypted using the server's key.In this trust lies the weakness of the system.
<p>Specifically speaking, secret keys should be kept just that, secret. If an intruder somehow
steals a principal's key, it will be able to impersonate the principal. "Password guessing"
attacks are not solved by Kerberos. If a user chooses a poor password, it is possible for an
attacker to successfully mount an dictionary attack.Kerberos makes no provisions for client's
security; it assumes that it is running on trusted clients with an untrusted network. If the
client's security is compromised, then Kerberos is compromised as well. However, the degree to
which Kerberos is compromised depends on the host that is compromised. If an attacker breaks
into a multi-user machine and steals all of the tickets stored on that machine, he can
impersonate the users who have tickets stored on that machine .... but only until those
tickets expire.
</p>
<!-- *** BEGIN bio *** -->
<P>
<H4><IMG ALIGN=BOTTOM ALT="" SRC="../gx/note.gif">Raj Shekha</H4>
<EM>I have completed my Bachelor in Information Technology from University
of Delhi. I have been a Linux fan since the time I read "Unix Network
Programming" by Richard Stevens and started programming in Linux in my seventh
semaster . I have been trying to convert people right,left and center ever
since. I live at
<A HREF="http://geocities.com/lunatech3007">http://geocities.com/lunatech3007</A>.</EM>
<!-- *** END bio *** -->
<!-- *** BEGIN copyright *** -->
<hr>
<CENTER><SMALL><STRONG>
Copyright &copy; 2002, Raj Shekhar.
Copying license <A HREF="../copying.html">http://www.linuxgazette.com/copying.html</A><BR>
Published in Issue 82 of <i>Linux Gazette</i>, September 2002</H5>
</STRONG></SMALL></CENTER>
<!-- *** END copyright *** -->
<HR>
<TABLE BORDER><TR><TD WIDTH="200">
<A HREF="http://www.linuxgazette.com/">
<IMG ALT="LINUX GAZETTE" SRC="../gx/2002/lglogo_200x41.png"
WIDTH="200" HEIGHT="41" border="0"></A>
<BR CLEAR="all">
<SMALL>...<I>making Linux just a little more fun!</I></SMALL>
</TD><TD WIDTH="380">
<center>
<BIG><BIG><STRONG><FONT COLOR="maroon">My Guide To Digital Photography</FONT></STRONG></BIG></BIG><BR>
<STRONG>By <A HREF="mailto:robt@robtougher.com">Rob Tougher</A></STRONG></BIG>
</TD></TR>
</TABLE>
<P>
<!-- END header -->
<h3>Contents</h3>
<ul>
<li><a href=#1>Introduction</a>
<li><a href=#2>Storing Photographs</a>
<li><a href=#3>Manipulating Photographs</a>
<li><a href=#4>Sharing Photographs</a>
<li><a href=#5>Conclusion</a>
</ul>
<a name=1></a>
<h3>Introduction</h3>
<p>
Since its initial installation on my machine in 2000, Linux
has fulfilled my computing needs.
I use Linux for the following:
</p>
<ul>
<li>web browsing and email
<li>software development
<li>writing articles
<li>web site hosting
<li>digital photography
</ul>
<p>
This article focuses on the last item, digital photography, and
describes how I use Linux to store,
manipulate, and share my digital photographs.
</p>
<a name=2></a>
<h3>Storing Photographs</h3>
<p>
I store my photographs in two places: on my hard drive, which
acts as short-term storage, and on CD-ROM, where the photographs are
permanently stored. I keep the last few months of photographs
on my machine so they can be recalled quickly, and I
transfer the older ones to CD-ROM to free up space on my drive.
</p>
<p>
To download photographs from my camera to my computer, I use
the <b><a href="http://www.linux-usb.org/">USB Mass Storage Driver</a></b>.
This driver is part of the Linux kernel, and
lets me mount my camera as a SCSI device. I then use the
<b>mv</b> command to transfer the photographs to my
hard disk. My session usually looks like the following:
</p>
<pre>
prompt$ mount -n /dev/sdb1 /mnt/camera
prompt$ mv /mnt/camera/dcim/100msdcf/* /home/robt/docs/photographs/
prompt$ umount -n /mnt/camera
</pre>
<p>
Pretty simple, right? I mount the camera, move the photographs to
a directory on my hard disk, and then unmount the camera.
</p>
<p>
(The USB Mass Storage Driver works with only a few camera models. Mine is a
Sony DSC-F707. Many other cameras such as the Canon PowerShot series are
recognized by the <A HREF="http://www.gphoto.org/">Gphoto2</A> program. Some
cameras don't work yet under Linux -- it all depends on the camera manufacturer
giving us, the free software community, enough technical specifications that
we can write a driver.)
</p>
<p>
When my hard disk becomes filled, I transfer the older photographs to
CD-ROM.
I accomplish this by placing a blank CD-ROM in my CD Writer and
typing the following at a command prompt
(see the
<b><a href="http://www.tldp.org/HOWTO/CD-Writing-HOWTO.html">
CD Writing HOWTO</a></b> for information on how to use your
CD Writer):
</p>
<pre>
prompt$ mkisofs -o cd_image /home/robt/docs/photographs
prompt$ cdrecord -v speed=4 dev=0,0,0 -data cd_image
</pre>
<p>
This creates a cd image containing my photographs, and
burns the image to a fresh CD-ROM.
</p>
<a name=3></a>
<h3>Manipulating Photographs</h3>
<p>
In photography, <i>composition</i> deals with the placement of objects
within the frame of the photograph. A photographer makes many important
decisions when composing a photograph:
</p>
<ul>
<li>Should I include X in the photograph?
<li>Should I shoot this horizontally, or vertically?
<li>How much depth-of-field should there be?
</ul>
<p>
As a novice photographer, my composition skills are lacking.
I usually include too much background in my photographs,
and I am oblivious to the camera's numerous features.
</p>
<p>
I use the <b><a href="http://www.gimp.org/">GIMP</a></b>
to salvage my poor photographs. GIMP
stands for the GNU Image Manipulation Program - it is
a full-featured image manipulation application, similar
to Adobe's Photoshop. I use it to perform the following:
</p>
<ul>
<li>crop photographs that are not composed correctly
<li>change the saturation of colors in photographs
<li>sharpen photographs that are blurry
</ul>
<p>
These are only a few of the GIMP's features, but they greatly improve
the quality of my photographs. I look forward to learning more
about the GIMP.
</p>
<a name=4></a>
<h3>Sharing Photographs</h3>
<p>
I share my digital photographs with friends and family. I accomplish this
by posting the photographs to a publicly-accessible web site.
Before posting, however, I do the following:
</p>
<ul>
<li>resize the photographs to a suitable web size
<li>create thumbnails of the photographs
<li>generate the HTML needed to display the photographs on a web page
</ul>
<p>
I use two
<b><a href="http://www.python.org">Python</a></b> scripts to perform these
operations automatically.
The first is named
<a href="misc/tougher/generate_photographs.py.txt">generate_photographs</a>.
This script uses the
<b>convert</b> command to
create web-sized photographs and thumbnails (<b>convert</b> is part of
the <b><a href="http://www.imagemagick.org/">ImageMagick</a></b>
suite of tools. Definitely check them out). The following
is the complete script:
</p>
<pre>
#!/usr/bin/env python
import os
#
# Prints the call to
# stdout, and then sends it
# to the OS.
#
def system_call(s):
print s
os.system(s)
#
# Clear out the directories. "small"
# contains thumbnails, and "medium"
# contains web-sized photographs.
#
for d in ("small", "medium"):
system_call("rm -rf " + d)
system_call("mkdir " + d)
files = os.listdir("photographs")
for file in files:
if file != ".directory":
system_call("convert -resize 640x480 photographs/" + file + " medium/" + file)
system_call("convert -resize 160x120 medium/" + file + " small/" + file)
</pre>
<p>
The second script is named
<a href="misc/tougher/generate_html.py.txt">generate_html</a>.
It loops through the photographs,
and creates the HTML needed to display them on a web page. The following
is the script, trimmed to show the Python code only:
</p>
<pre>
#!/usr/bin/env python
import os
#
# HTML-related stuff removed....
#
html = ""
files = os.listdir("photographs")
br = 0
for file in files:
html += '&lt;a href="medium/' + file + '"&gt;'
html += '&lt;img src="small/' + file + '"&gt;&lt;/img&gt;\n'
html += '&lt;/a&gt;'
if br:
html += '&lt;br&gt;\n'
br = 0
else:
br = 1
#
# HTML-related stuff removed....
#
f = open("index.php","w+b")
f.write(html)
f.close()
</pre>
<p>
After running these two scripts, I post the files
to my web site, and email the address to everyone.
</p>
<a name=5></a>
<h3>Conclusion</h3>
<p>
In this article I described how I use Linux to
store, manipulate, and share
my digital photographs. Hopefully I explained
my techniques clearly enough so that you can use
them for your digital photography needs.
</p>
<!-- *** BEGIN bio *** -->
<P>
<H4><IMG ALIGN=BOTTOM ALT="" SRC="../gx/note.gif">Rob Tougher</H4>
<EM>Rob is a C++ software engineer in the New York City area.</EM>
<!-- *** END bio *** -->
<!-- *** BEGIN copyright *** -->
<hr>
<CENTER><SMALL><STRONG>
Copyright &copy; 2002, Rob Tougher.
Copying license <A HREF="../copying.html">http://www.linuxgazette.com/copying.html</A><BR>
Published in Issue 82 of <i>Linux Gazette</i>, September 2002</H5>
</STRONG></SMALL></CENTER>
<!-- *** END copyright *** -->
<HR>
<TABLE BORDER><TR><TD WIDTH="200">
<A HREF="http://www.linuxgazette.com/">
<IMG ALT="LINUX GAZETTE" SRC="../gx/2002/lglogo_200x41.png"
WIDTH="200" HEIGHT="41" border="0"></A>
<BR CLEAR="all">
<SMALL>...<I>making Linux just a little more fun!</I></SMALL>
</TD><TD WIDTH="380">
<center>
<BIG><BIG><STRONG><FONT COLOR="maroon">Adaptive Linux Firewalls</FONT></STRONG></BIG></BIG><BR>
<STRONG>By <A HREF="mailto:dive_mauritius@killspam.hotmail.com">Vasoo Veerapen</A></STRONG></BIG>
</TD></TR>
</TABLE>
<P>
<!-- END header -->
<p><font size="2" face="Courier New"><strong>Introduction.</strong></font></p>
<p><font size="2" face="Courier New">Automatic firewall hardening
is a technique used by many commercial firewalls to prevent
invalid packets from reaching protected networks. The objective
of this document is to demonstrate how to harden iptables in real-time.</font></p>
<p><font size="2" face="Courier New">By default, iptables can log
messages via the Linux syslogd daemon. Logs by themselves are
fine for basic security but do not address advanced security
issues. For advanced security a system needs to run&nbsp;custom
scripts as soon as illegal operations are logged by&nbsp;the
firewall. Depending on the severity of the violations, you can
program these scripts to perform various actions such as blocking
offending IP addresses. The techniques outlined in this document
are not limited to iptables, and can also be modified to process
output from any application which logs via syslog e.g. intrusion
detection scanners such as SNORT.</font></p>
<p><font size="2" face="Courier New">The content in this document
has been tested against Red Hat 7.2/7.3 only, but then, I live on
the island of Mauritius which is a hell of a journey from
civilisation, and all of us here are scantily clad Zulu warriors
:-) For more info about Mauritius and scuba diving try </font><a
href="http://www.islandsoft.net/"><font size="2"
face="Courier New">www.islandsoft.net</font></a><font size="2"
face="Courier New">&nbsp;</font></p>
<p><font size="2" face="Courier New">An excellent document on the
Linux firewall capabilites is the Iptables Tutorial by Oskar
Andreasson which you can find at </font><a
href="http://iptables-tutorial.haringstad.com/">http://iptables-tutorial.haringstad.com/</a>
</p>
<hr>
<p><font size="2" face="Courier New"><strong>Linux Reference
Books.</strong></font></p>
<p><font size="2" face="Courier New">Here are some Linux books
which you may find interesting. Please open each link in a new
window.</font></p>
<p><a
href="http://www.amazon.com/exec/obidos/ASIN/0201774232/scubadivingtheis">Advanced
Linux Networking</a><br>
<a
href="http://www.amazon.com/exec/obidos/ASIN/0471232823/scubadivingtheis">Hack
Attacks Revealed: A Complete Reference</a><br>
<a
href="http://www.amazon.com/exec/obidos/ASIN/0072127732/scubadivingtheis">Hacking
Linux Exposed</a> <br>
<a
href="http://www.amazon.com/exec/obidos/ASIN/0735710996/scubadivingtheis">Linux
Firewalls (2nd Edition)</a><br>
<a
href="http://www.amazon.com/exec/obidos/ASIN/0130861138/scubadivingtheis">Linux
Routers</a><br>
<a
href="http://www.amazon.com/exec/obidos/ASIN/0735710082/scubadivingtheis">Network
Intrusion Detection (An Analysts Handbook, 2nd Edition)</a><br>
<a
href="http://www.amazon.com/exec/obidos/ASIN/0672323826/scubadivingtheis">PHP
and PostgreSQL Advanced Web Programming</a><br>
<a
href="http://www.amazon.com/exec/obidos/ASIN/0130281875/scubadivingtheis">Real
World Linux Security: Intrusion Prevention, Detection and
Recovery</a><br>
<a
href="http://www.amazon.com/exec/obidos/ASIN/0764549413/scubadivingtheis">Red
Hat Linux 7.3 Bible</a></p>
<hr>
<p><font size="2" face="Courier New"><strong>The Theory.</strong></font></p>
<p><font size="2" face="Courier New">Linux syslogd incorporates
an interesting feature which allows it to redirect its output to
user defined pipes instead of log files. I will use a Perl script
to process messages coming from syslogd&nbsp;and dynamically
reconfigure iptables.</font></p>
<hr>
<p><font size="2" face="Courier New"><strong>What You Will Need.</strong></font></p>
<p><font size="2" face="Courier New">The examples in this
document use a postgresql server. Most people are familiar with
MySQL ,so porting should not be a problem. I prefer Postgres
because it has many features present in commercial databases. For
more information about PostgreSQL visit </font><a
href="http://www.postgresql.org/">http://www.postgresql.org/</a><font
size="2" face="Courier New">. You will also need the postgresql-perl,
Perl and iptables packages installed on the firewall machine. </font></p>
<p><font size="2" face="Courier New">On the postgreSQL server
create a database called &quot;adaptive&quot; and a table called
&quot;iptables&quot;. Add the folowing fields.</font></p>
<ol>
<li><font size="2" face="Courier New">ipaddress as char 16 </font></li>
<li><font size="2" face="Courier New">severity as int4 </font></li>
<li><font size="2" face="Courier New">time as datetime</font></li>
</ol>
<hr>
<p><font size="2" face="Courier New"><strong>Basic Security.</strong></font></p>
<p><font size="2" face="Courier New">TO DO: More detail on MAC
addressses and ARP poisoning.</font></p>
<p><font size="2" face="Courier New">In my opinion, the only
services, which should be running on a firewall, are syslog and
cron. You should also have a printer logging whatever gets sent
to syslog. The reason for having a printer is that if your
machine does get hacked, and the cracker overwrites the logs, you
will still be able to see how the exploit was performed. Your
firewall should also preferably be running off a CD-ROM and
loading its ruleset from a write protected floppy disk.</font></p>
<p><font size="2" face="Courier New">Knowing the MAC addresses
present on your network is very important. The firewall must be
aware of any rogue MAC addresses, which may be originating from a
machine which, may have been unlawfully introduced into your
network.</font></p>
<hr>
<p><font size="2" face="Courier New"><strong>Locking Down The
Firewall During The Boot Process.</strong> </font></p>
<p><font size="2" face="Courier New">The first step that you will
want to take is to secure your firewall while it is booting. By
default, iptables allows unrestricted packet movement on the
INPUT, OUTPUT and FORWARD chains. This poses a security threat
while your machine is booting, and opens up your network to
various types of assault. To avoid this, you must instruct
iptables to block all packet movement BEFORE the network
interfaces start up.</font></p>
<p><font size="2" face="Courier New">On the Redhat distributions
the link &quot;S10network&quot; found in &quot;/etc/rc.d/rc3.d&quot;
is responsible for starting the network. You may also have &quot;S08iptables&quot;
found in &quot;/etc/rc.d/rc3.d&quot;. This link is responsible
for initialising the firewall routines. I prefer to delete the
default &quot;S08iptables&quot; link and create my own link
starting with &quot;S08&quot;. The link starting with &quot;S08&quot;
gets executed before the one starting with &quot;S10&quot; thus
ensuring that no packets get through.</font></p>
<p><font size="2" face="Courier New">There are various kernel
options which you can set to enhance security. A few of them are
set in the example below.</font></p>
<p><font size="2" face="Courier New">In order to secure the
firewall during boot, do the following:</font></p>
<ol>
<li><font size="2" face="Courier New">Go to the &quot;/etc/rc.d&quot;
directory </font></li>
<li><font size="2" face="Courier New">Using your favorite
text editor create a file called &quot;rc.autofwinit&quot;
</font></li>
<li><font size="2" face="Courier New">Copy and paste the
script below into &quot;rc.autofwinit&quot; </font></li>
<li><font size="2" face="Courier New">Exit the editor. </font></li>
<li><font size="2" face="Courier New">Execute the command
&quot;chmod 755 rc.autofwinit&quot; </font></li>
<li><font size="2" face="Courier New">Go to the &quot;/etc/rc.d/rc3.d&quot;
directory </font></li>
<li><font size="2" face="Courier New">Execute the command
&quot;rm -f S08iptables&quot; </font></li>
<li><font size="2" face="Courier New">Execute the command
&quot;ln -s /etc/rc.d/rc.autofwinit S08iptables_start&quot;
</font></li>
<li><font size="2" face="Courier New">Execute the command
&quot;./S08iptables_start&quot; </font></li>
</ol>
<table border="0" cellspacing="0">
<TBODY> <tr>
<td>&nbsp;</td>
</tr>
<TBODY> <tr>
<td><p align="center"><font size="2" face="Courier New">The
rc.autofwinit script</font></p>
</td>
</tr>
<tr>
<td bgcolor="#C0C0C0"><pre>#!/bin/sh
#
# rc.autofwinit - Initialises firewall on boot
#
# Copyright (C) 2001,2002 Vasoo Veerapen (dive_mauritius@killspamforever.hotmail.com);
# <a href="http://www.islandsoft.net/veerapen.html">http://www.islandsoft.net/veerapen.html</a>
#
# This program is free software; you can distribute it and/or modify it under the terms of
# the GNU General Public License as published by the Free Software Foundation; version 2
# of the License.
#
# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with this program
# or from the site that you downloaded it from; if not, write to
# the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston MA 02111-1307, USA
#
#
# Maybe you are more interested in scuba diving, marine conservation or my
# homeland, the paradise island of Mauritius where the Dodo used to live?
# Its simply <a href="http://www.islandsoft.net/">http://www.islandsoft.net/</a>
#
# ----------------------------------------------------------------------
echo &quot;Initialising firewalling...Dropping all packets&quot;
IPT=/sbin/iptables
#Block ICMP redirects
for CONF in /proc/sys/net/ipv4/conf/*/accept_redirects; do
echo 0 &gt; $CONF
done
# Block IP Source Routing
for CONF in /proc/sys/net/ipv4/conf/*/accept_source_route; do
echo 0 &gt; $CONF
done
# Block IP spoofing
for CONF in /proc/sys/net/ipv4/conf/*/rp_filter; do
echo 1 &gt; $CONF
done
# Clear tables
for TABLE in filter nat; do
$IPT -t $TABLE &#150;F
$IPT -t $TABLE &#150;X
done
# Drop all packets
$IPT -P INPUT DROP
$IPT -P OUTPUT DROP
$IPT -P FORWARD DROP
echo &quot;Done initialising.&quot;
sleep 2</pre>
<p></TBODY></p>
</td>
</tr>
</table>
<hr>
<p><font size="2" face="Courier New"><strong>Defining an Iptables
Script.</strong></font></p>
<p><font size="2" face="Courier New">Once the firewall boot
process is secured you must create the firewall script which will
log invalid packets to syslog. The iptables script presented
below is very basic. If you wanted to be more adventurous, then
you could use the DMZ script from the &quot;Iptables Tutorial&quot;
found at </font><a
href="http://iptables-tutorial.haringstad.com/">http://iptables-tutorial.haringstad.com/</a><font
size="2" face="Courier New"> and enhance it.</font></p>
<ol>
<li><font size="2" face="Courier New">Go to the &quot;/etc/rc.d&quot;
directory </font></li>
<li><font size="2" face="Courier New">Using your favorite
text editor create a file called &quot;rc.autofirewall&quot;
</font></li>
<li><font size="2" face="Courier New">Copy and paste the
script below into &quot;rc.autofirewall&quot; </font></li>
<li><font size="2" face="Courier New">Exit the editor. </font></li>
<li><font size="2" face="Courier New">Make the file
executable by the shell, by running the command &quot;chmod
755 rc.autofirewall&quot; </font></li>
<li><font size="2" face="Courier New">Run the script by
typing in &quot;./rc.autofirewall&quot; </font></li>
<li><font size="2" face="Courier New">There should be no
errors. If there are, check your script syntax, iptables
and kernel setup.</font></li>
</ol>
<table border="0" cellspacing="0">
<TBODY> <tr>
<td>&nbsp;</td>
</tr>
<TBODY> <tr>
<td><p align="center"><font size="2" face="Courier New">The
rc.autofwrules script</font></p>
</td>
</tr>
<tr>
<td bgcolor="#C0C0C0"><pre>#!/bin/sh
#
# rc.autofwrules - Firewall script for automatic firewall hardening
#
# Copyright (C) 2001,2002 Vasoo Veerapen (dive_mauritius@killspamforever.hotmail.com)
# <a href="http://www.islandsoft.net/veerapen.html">http://www.islandsoft.net/veerapen.html</a>
#
# This program is free software; you can distribute it and/or modify it under the terms of
# the GNU General Public License as published by the Free Software Foundation; version 2
# of the License.
#
# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with this program
# or from the site that you downloaded it from; if not, write to
# the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston MA 02111-1307, USA
#
# Maybe you are more interested in scuba diving, marine conservation or my
# homeland, the paradise island of Mauritius where the Dodo used to live?
# Its simply <a href="http://www.islandsoft.net/">http://www.islandsoft.net/</a>
#
# ----------------------------------------------------------------------
IPT=&quot;/sbin/iptables&quot;
INT_IF=&quot;eth0&quot;
EXT_IF=&quot;ppp0&quot;
LOG_LEVEL=&quot;notice&quot;
#
$IPT -P INPUT ACCEPT
$IPT -P OUTPUT ACCEPT
$IPT -P FORWARD ACCEPT
#*******************************************************************************
#FILTER_FLAGS
#*******************************************************************************
echo Entering FILTER_FLAGS
$IPT -N FILTER_FLAGS
$IPT -F FILTER_FLAGS
##----------------------------------------------------------------------------##
$IPT -A FILTER_FLAGS -p tcp --tcp-flags ALL FIN -m limit \
--limit 5/minute -j LOG --log-level $LOG_LEVEL \
--log-prefix &quot;iptables:SCAN:&quot;
$IPT -A FILTER_FLAGS -p tcp --tcp-flags ALL FIN -j DROP
##----------------------------------------------------------------------------##
echo Leaving FILTER_FLAGS
#*******************************************************************************
# BANNED
#*******************************************************************************
echo Entering BANNED
$IPT -N BANNED
$IPT -F BANNED
##----------------------------------------------------------------------------##
# Leave blank
##----------------------------------------------------------------------------##
echo Leaving BANNED
$IPT -A INPUT -j BANNED
$IPT -A INPUT -j FILTER_FLAGS
$IPT -A OUTPUT -j BANNED
$IPT -A OUTPUT -j FILTER_FLAGS
#------------- End firewall script</pre>
<p></TBODY></p>
</td>
</tr>
</table>
<hr>
<p><font size="2" face="Courier New"><strong>Creating a Named
Pipe.</strong></font></p>
<p><font size="2" face="Courier New">The named pipe is the
interface between syslog and the blocking script.</font></p>
<ol>
<li><font size="2" face="Courier New">Go to the &quot;/etc/rc.d&quot;
directory </font></li>
<li><font size="2" face="Courier New">Execute &quot;mknod /etc/rc.d/syslog_auth
p&quot; </font></li>
<li><font size="2" face="Courier New">Execute &quot;chmod 600
/etc/rc.d/syslog_auth&quot;</font></li>
</ol>
<p><font size="2" face="Courier New">For more info, &quot;man
mknod&quot; is your friend.</font></p>
<hr>
<p><font size="2" face="Courier New"><strong>Setting Up a
Blocking Script.</strong></font></p>
<p><font size="2" face="Courier New">Once iptables and the named
pipe are set up, it is time to create a script that will handle
messages coming from the syslog daemon. The script is the core of
the automatic hardening process. The example below demonstrates
how to automatically lock out machines, and communicate with a
database server running PostgreSQL.</font></p>
<ol>
<li><font size="2" face="Courier New">Go to the &quot;/etc/rc.d&quot;
directory </font></li>
<li><font size="2" face="Courier New">Using your favourite
text editor create a file called &quot;rc.autoharden&quot;
</font></li>
<li><font size="2" face="Courier New">Copy and paste the
script below into &quot;rc.autoharden&quot; </font></li>
<li><font size="2" face="Courier New">Exit the editor. </font></li>
<li><font size="2" face="Courier New">Excute &quot;chmod 755
rc.autoharden&quot; </font></li>
<li><font size="2" face="Courier New">Run the script by
typing in &quot;./rc.autoharden&quot; </font></li>
<li><font size="2" face="Courier New">You should see some
kernel messages go by, but there should be no errors. If
there are, check your script syntax, and Perl setup </font></li>
<li><font size="2" face="Courier New">Open a new tty using
Alt-F2 for example. Log in as root. </font></li>
<li><font size="2" face="Courier New">Execute &quot;/sbin/iptables
-L&quot; and observe its output. Keep note of the &quot;BANNED&quot;
chain.</font></li>
</ol>
<table border="0" cellspacing="0">
<TBODY> <tr>
<td>&nbsp;</td>
</tr>
<TBODY> <tr>
<td><p align="center"><font size="2" face="Courier New">The
rc.autofwharden script</font></p>
</td>
</tr>
<tr>
<td bgcolor="#C0C0C0"><pre>#!/usr/bin/perl &#150;w
#
# rc.autofwharden - Processes messages from syslogd
#
# Copyright (C) 2001,2002 Vasoo Veerapen (dive_mauritius@killspamforever.hotmail.com);
# <a href="http://www.islandsoft.net/veerapen.html">http://www.islandsoft.net/veerapen.html</a>
#
# This program is free software; you can distribute it and/or modify it under the terms of
# the GNU General Public License as published by the Free Software Foundation; version 2
# of the License.
#
# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with this program
# or from the site that you downloaded it from; if not, write to
# the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston MA 02111-1307, USA
#
#
# Maybe you are more interested in scuba diving, marine conservation or my
# homeland, the paradise island of Mauritius where the Dodo used to live?
# Its simply <a href="http://www.islandsoft.net/">http://www.islandsoft.net/</a>
#
# ----------------------------------------------------------------------
use Pg;
use strict;
my $log_datetime=&quot;&quot;;
my $log_address=&quot;&quot;;
my @parms = ();
my $msgSource = &quot;&quot;;
my $sourceIP = &quot;&quot;;
my $sourcefile = &quot;dump&quot;;
my $tmprec = &quot;&quot;;
my $conn=&quot;&quot;;
my $result=&quot;&quot;;
my $temp=&quot;&quot;;
#Open the database first
$conn=Pg::connectdb(&quot;dbname=adaptive user=postgres password=password&quot;);
( PGRES_CONNECTION_OK eq $conn-&gt;status )
and print &quot;Pg::connectdb ok:\n&quot;
or die &quot;Pg::connectdb failed: &quot;, $conn-&gt;errorMessage, &quot;\n&quot;;
#Open a named pipe
#open(FIFO, &quot;&lt; /etc/rc.d/syslog_auth&quot;) or die $!;
#printf &quot;Pipe opened. \n&quot;;
#while(&lt;FIFO&gt;) {
#Or maybe you want to open a test file instead of a pipe?
open(SOURCE, &quot;&lt; $sourcefile&quot;) or die $!;
printf &quot;File opened. \n&quot;;
while (&lt;SOURCE&gt;) {
@parms = split(/ /, $_);
$msgSource = $parms[5];
if ($msgSource eq &quot;iptables:SCAN:&quot;)
{
#Set date and time
$log_datetime=&quot;$parms[1]-$parms[0]-2002 $parms[2]&quot;;
#Set source address
$temp = $parms[9];
$log_address = substr($temp, 4, length($temp) -4);
printf &quot;Adding address %s to database. \n&quot;, $log_address;
$result = $conn-&gt;exec(&quot;INSERT INTO iptables (ipaddress, severity, time) VALUES ('$log_address', '1','$log_datetime')&quot;);
die $conn-&gt;errorMessage unless PGRES_COMMAND_OK eq $result-&gt;resultStatus;
$temp = &quot;/sbin/iptables -A BANNED -s $log_address -j DROP&quot;;
printf &quot;%s \n&quot;, $temp;
system($temp);
}
}
#close(FIFO);
#Close the test file instead.
close(SOURCE);
$result=$conn-&gt;exec(&quot;DROP DATABASE adaptive&quot;);
die $conn-&gt;errorMessage unless PGRES_COMMAND_OK eq $result-&gt;resultStatus;
<font size="1">
</font>#--------------- End of rc.autofwharden PERL Script; </pre>
<p></TBODY></p>
</td>
</tr>
</table>
<hr>
<p><font size="2" face="Courier New"><strong>Configuring Syslogd.</strong></font></p>
<p><font size="2" face="Courier New">The final step is to
configure the syslog daemon. Normally, syslog echoes messages to
a tty and the file &quot;/var/log/messages&quot;. We will
instruct syslog to echo messages to the named pipe instead.</font></p>
<ul>
<li><font size="2" face="Courier New">Go to the /etc
directory</font> </li>
<li><font size="2" face="Courier New">Make a backup copy of
syslog.conf</font> </li>
<li><font size="2" face="Courier New">Edit syslog.conf</font>
</li>
</ul>
<p><font size="2" face="Courier New">Look for an entry starting
like&nbsp;<br>
*.info;mail.none;authpriv.none</font></p>
<p><font size="2" face="Courier New">If you can't/can find the
line then add/change the line to look like&nbsp;<br>
*.info;mail.none;authpriv.none |/etc/rc.d/syslog_auth&nbsp; </font></p>
<ul>
<li><font size="2" face="Courier New">Do not use spaces
between authpriv.none and the pipe sign | Always use TAB.
</font></li>
<li><font size="2" face="Courier New">Do not leave spaces
between the pipe sign | and /etc/rc.d/syslog_auth</font> </li>
<li><font size="2" face="Courier New">Save syslog.conf</font>
</li>
<li><font size="2" face="Courier New">Run the command &quot;ps
-eaf | grep syslogd&quot;</font> to identify the PID </li>
<li><font size="2" face="Courier New">Run a &quot;kill -1&quot;
command to the PID of syslogd e.g. &quot;kill -1 698&quot;</font>
</li>
</ul>
<hr>
<p><font size="2" face="Courier New"><strong>Viewing the Results.</strong></font></p>
<p><font size="2" face="Courier New">From a remote system run
nmap available from </font><a href="http://www.insecure.org/nmap">http://www.insecure.org/nmap</a><font
size="2" face="Courier New"> with the Fin scan option.</font></p>
<p><font size="2" face="Courier New">On the firewall machine, run
the command &quot;/sbin/iptables -L&quot; and note the difference
in the &quot;Banned&quot; chain.</font></p>
<p><font size="2" face="Courier New">To view the firewall
database, login as a postgresql user and type in</font></p>
<ul>
<li><font size="2" face="Courier New">psql adaptive</font> </li>
<li><font size="2" face="Courier New">select * from iptables;</font>
</li>
</ul>
<p><font size="2" face="Courier New">This should give you a list
of all banned addresses added to the database.</font></p>
<hr>
<p><font size="2" face="Courier New"><strong>Adaptive Firewall
FAQ.</strong></font></p>
<p><font size="2" face="Courier New">Q. How safe is the adaptive
firewalling code in this document?</font></p>
<p><font size="2" face="Courier New">A. The hardening script in
this tutorial is very basic. Since the script automatically bans
machines, you can imagine what would happen if someone managed to
spoof the source addresses. In this case, legitimate IP addresses
would get blocked. However, during a legitimate attack, you could
identify which domain was the most offending, and ban any machine
attempting to connect from it.</font></p>
<p><font size="2" face="Courier New">Q. Why is my firewall
continuously logging ACK, FIN, URGP=0 ?</font></p>
<p><font size="2" face="Courier New">A. In 99.99% cases this is
normal behaviour. This is due to the connection state matching
code in Iptables which by default tracks each connection for 60
seconds. Once a connection is inactive for 60 seconds, Iptables
wipes it from its tracking table, but the server at the other end
does not know that. When the server tries to close the connection
from its end, it sends a packet with this TCP flag sequence which
gets intercepted by the firewall.</font></p>
<hr>
<p><font size="2" face="Courier New"><strong>Acknowledgments.</strong></font></p>
<p><font size="2" face="Courier New">I would like to thank the
following people for contributing towards this document.</font></p>
<p><font size="2" face="Courier New">Oskar Andreasson</font></p>
<!-- *** BEGIN bio *** -->
<!-- *** END bio *** -->
<!-- *** BEGIN copyright *** -->
<hr>
<CENTER><SMALL><STRONG>
Copyright &copy; 2002, Vasoo Veerapen.
Copying license <A HREF="../copying.html">http://www.linuxgazette.com/copying.html</A><BR>
Published in Issue 82 of <i>Linux Gazette</i>, September 2002</H5>
</STRONG></SMALL></CENTER>
<!-- *** END copyright *** -->
<HR>
<TABLE BORDER><TR><TD WIDTH="200">
<A HREF="http://www.linuxgazette.com/">
<IMG ALT="LINUX GAZETTE" SRC="../gx/2002/lglogo_200x41.png"
WIDTH="200" HEIGHT="41" border="0"></A>
<BR CLEAR="all">
<SMALL>...<I>making Linux just a little more fun!</I></SMALL>
</TD><TD WIDTH="380">
<center>
<BIG><BIG><STRONG><FONT COLOR="maroon">Multihead Systems under Linux and Windows</FONT></STRONG></BIG></BIG><BR>
<STRONG>By <A HREF="mailto:award@andorra.ad">Alan Ward</A></STRONG></BIG>
</TD></TR>
</TABLE>
<P>
<!-- END header -->
<p align=center><i>Setting up several screens on your Win/Lin box.</i></p>
<p><b>Must-read section</b></p>
<p>This article has been much inspired by a paper entitled
&quot;Multihead systems&quot; (I think - I read the Spanish translation
called &quot;Sistemas multihead&quot;) in Linux Journal, by Brian
Gollsneider and Arthur M. Messenger. They're the guys to blame for
getting me interested in this!</p>
<p>The &quot;X --help&quot; page ... worth browsing.</p>
<hr>
<p><b>About multiheading</b></p>
<p>As you people know, multiheading is all about hanging many screens
on one computer. You can then either use the different screens to display
various parts of the same desktop, or different desktops. It has
been done with Unix systems since very early on - around about when they
invented the X-Windowing system. It can be useful when you tend to get a lot
of data on screen -- typical examples are engineering (drawing and 3D
models) and system or network monitoring.</p>
<p>Its generalization is a bit more recent under Windows, though
several video card makers have pushed the idea with dual-head cards.
These are not necessary though; several ordinary video cards can
play the trick.</p>
<p>In fact, one can mix many different kinds of ISA, PCI and AGP cards.</p>
<p>In this article, I will see how it works under Windows (98 version -
though others should be the same) and Linux + XFree86 version 4. Please
note that XFree86 version 3's configuration files are slightly different.</p>
<hr>
<p><b>Considerations about hardware</b></p>
<p>The BIOS will choose one screen to be the primary screen. This is
where your boot messages will appear and where you'll get the initial
console. The BIOS looks for the primary screen on the following buses
in order:
<ul>
<li>the ISA bus</li>
<li>the PCI bus</li>
<li>the AGP bus</li>
</ul>
<p>ISA cards: if anybody still uses them, be warned they get
preference before all others. Can still be useful for text
consoles.</p>
<p>PCI cards. The PCI bus is a mixed thing, in the sense that
you get both on-board devices and PCI cards all together. On
most motherboards, it is a single bus numbered 0, with devices
numbered 0:0 (host controller), 0:1, 0:2 etc. There can be
sub-devices such as 0:9:1, 0:9:2, and so forth.</p>
<p>On-board PCI devices get the lower numbers, generally
up to 0:7. Afterwards, devices 0:8 to 0:12 should be your
PCI slots, numbered from the &quot;bottom&quot; of the motherboard
in the direction of the AGP slot.</p>
<p>Almost all motherboards have only one AGP slot, though
there is no technical reason why. It is identified as a PCI
device on bus 1, as 1:0</p>
<p>For example, if you have one on-board PCI video card, one
removable PCI and one AGP, your device ordering might be: </p>
<pre>
First (main) device: PCI 0:6 (on-board)
Second device: PCI 0:10 (removable)
Third device: PCI 1:0 (AGP)
</pre>
<p>Other motherboard manufacturers set up the on-board video devices
with higher numbers than the slots. This way, if your on-board
video burns out (or you just want to upgrade), you insert a
new PCI video card and its lower number gets preference at boot.</p>
<p>You can get detailed information on this under Linux, for
example, this system has a single AGP card:</p>
<pre>cat /proc/pci
PCI devices found:
(((snip)))
Bus 1, device 0, function 0:
VGA compatible controller: Intel Unknown device (rev 33).
Vendor id=8086. Device id=7800.
Medium devsel. Fast back-to-back capable. IRQ 11. Master Capable. No bursts.
Prefetchable 32 bit memory at 0xce000000 [0xce000008].
Non-prefetchable 32 bit memory at 0xcfe80000 [0xcfe80000].
</pre>
<p>Another way (with root privileges) is:</p>
<pre>scanpci</pre>
<p>Please note that the order of cards is BIOS stuff -- and so applicable
both to Windows and Linux.</p>
<hr>
<p><b>Configuration under Windows</b></p>
<p>This is meant to be pretty easy -- and is, except when you
run into driver trouble. So I would advise you to start out
by sticking *one* video card into your computer, then making sure
you have the necessary drivers. Then go for the next card alone,
and so forth. That way you get the pain in small pieces you can
hopefully handle, instead of all at once.</p>
<p>When you are confident you have all the required drivers either
on CD or on hard disk, and that they actually work with your cards,
stick all the video cards in together and hang screens on them. Boot.</p>
<p>You will then get to reconfigure the drivers once more, one
after the other. You may also get to reboot the computer -- but
you're used to that, right?</p>
<p>At this time, you should get the usual Windows desktop on your
first (main) screen, and a text message on all others telling you
that Windows has recognized the device correctly. If you don't,
go back and reconfigure that video card correctly.</p>
<p>When you take a look at the screen properties, you should see
something like this:</p>
<p align=center><img src="misc/ward/screen1.jpg"></p>
<p>You then click on the number 2 screen, activate it, configure,
and off you go. So forth for all others. Note that screens need not
have the same resolution or color depth:</p>
<p align=center><img src="misc/ward/screen2.jpg"></p>
<p>Hopefully, you are then in business, and can drag windows
from one screen to another. Try it!</p>
<hr>
<p><b>Configuration with XFree86</b></p>
<p>XFree86 version 4 has been changed in several ways from
its version 3 predecessor. To begin with, the configuration
file is now</p>
<pre>/etc/X11/XF86Config-4</pre>
<p>Please note the -4 ending.</p>
<p>It has now dealt away with the antique separate server binary file
for each screen. We now have a more modern modular scheme with a
single main server file, plus modules (drivers) for each family
of video cards. These can be found in most distributions in:</p>
<pre>/usr/X11R6/lib/modules/drivers</pre>
<p>This is similar to what has happened to the Linux kernel: from
a monolithic kernel with all drivers included, modern kernels have
progressed to a loadable modular scheme. Luckily for us.</p>
<p>Here's a list of the most-used drivers:</p>
<p><table border=1>
<tr><th>driver</th><th>cards supported</th></tr>
<tr><td>ati</td><td>most early ATI cards</td></tr>
<tr><td>r128</td><td>ATI Rage-128 and 128-based cards</td></tr>
<tr><td>cirrus</td><td>Cirrus Logic GD54??</td></tr>
<tr><td>cyrix</td><td>Cyrix Media GX CPU</td></tr>
<tr><td>i740</td><td>Intel 740-based cards</td></tr>
<tr><td>i810</td><td>Intel 810-based cards</td></tr>
<tr><td>mga</td><td>Matrox 100, 200, 400</td></tr>
<tr><td>nv</td><td>N-vidia Riva 128, TNT GeForce, etc.</td></tr>
<tr><td>s3</td><td>S3 non-Virge early PCI chipsets</td></tr>
<tr><td>s3virge</td><td>S3 Virge later PCI chipsets</td></tr>
<tr><td>vga</td><td>generic; replaces XFree86-SVGA</td></tr>
<tr><td>fbdev</td><td>generic; &quot;flat&quot; video memory mode</td></tr>
</table></p>
<p>This system also means that it will be relatively easy for
card manufacturers to produce their own modular drivers to support
new cards. Let's hope that they do so.</p>
<p>Configuration is not complicated. The first part of the
XF86Config-4 file should be pretty much self-explanatory, and is
often rather well set up by your favorite distribution's setup
program.</p>
<p><ul>The interesting parts are:
<li>the Monitor section, where you define actual monitors</li>
<li>the Device section, where you set up your video cards</li>
<li>the Screen section, where you give screen resolutions
and color depths</li>
<li>the ServerLayout section, where you set up the relationships
between screens</li></ul></p>
<p>In the Monitor section, each monitor gets its Section tag, such as:</p>
<pre>
Section "Monitor"
Identifier "monitor 1"
VendorName "Philips"
ModelName "Unknown"
HorizSync 30.0-64.0
VertRefresh 50.0-110.0
EndSection
</pre>
<p>You can put in as many monitors as you wish, and name them. I
usually call them "monitor 1" etc., as they are often of the same
type and make. But you can handle this whatever way you feel
most comfortable with.</p>
<p><strong>BE CAREFUL</strong> with the horizontal and vertical frequencies.
You can literally blow up your tube if you are not careful. Been there,
done that :-( Get the right frequencies from the monitor's guide, or look them
up on the manufacturer's site on the Web. If in doubt, go lower. Values that
have worked out to be &quot;safe&quot; for me -- i.e. no screens blown up
-- have been:</p>
<pre>
HorizSync 31.5-35.5
VertRefresh 50.0-70.0
</pre>
<p>Just about any modern multisync monitor can handle these -- however
they are so conservative you won't be able to go far beyond 640x480
with 8-bit color (256 colors). Just enough to prove the concept :-)</p>
<p>You then get to set up the driver for each video card. List
the directory mentioned above. One Section for each card:</p>
<pre>
Section "Device"
Identifier "device 1"
Driver "s3virge"
BusID "PCI:0:11:0"
EndSection
Section "Device"
Identifier "device 2"
VendorName "Unknown"
BoardName "Unknown"
Driver "i740"
VideoRam 8192
BusID "PCI:1:0:0"
EndSection
</pre>
<p>In this case, I have one S3 card inserted in a PCI slot, and
an Intel 740-based AGP card. With a single card, you do not need
to look up and specify the bus ID (from /proc/pci). But in our case
we need it to distinguish, for example, between several cards of
the same type.</p>
<p>In the above example, if I added a second S3 Virge in PCI slot
0:12, I would add a third Device section repeating the "s3virge"
driver line, and specifying "PCI:0:12:0". The server is smart enough
not to create two instances of the driver in memory, just two references
to the same driver.</p>
<p>As with monitors, the Identifier tag set up by the setup program
usually contains the card's chipset commercial identifier, though
you can change it at will.</p>
<p>You then set up a Screen section linking each Monitor to the
appropriate Device. I strip this down to the essentials:</p>
<pre>
Section "Screen"
Identifier "screen 1"
Device "device 1"
Monitor "monitor 1"
DefaultColorDepth 16
Subsection "Display"
Depth 16
Modes "1024x768"
ViewPort 0 0
EndSubsection
EndSection
Section "Screen"
Identifier "screen 2"
Device "device 2"
Monitor "monitor 2"
DefaultColorDepth 24
Subsection "Display"
Depth 24
Modes "800x600"
ViewPort 0 0
EndSubsection
EndSection
</pre>
<p>Finally, you set up the whole system:</p>
<pre>
Section "ServerLayout"
Identifier "layout 1"
Screen "screen 1"
Screen "screen 2" RightOf "screen 1"
Option "Xinerama" "on"
InputDevice "Mouse1" "CorePointer"
InputDevice "Keyboard1" "CoreKeyboard"
EndSection
</pre>
<p>Here, I have screen 2 at the right of screen 1. I could also
have specified it to be at the left, above of below any existing
screen.</p>
<p>The Xinerama option is also important. This is an extension of
the X server that links screen 1 with screen 2, to form a single
desktop I can drag windows and icons across.</p>
<p>This works in the same way as Windows, but needs both (or all)
screens to have the same color depth: generally 8, 16 or 24 bits.
This means the above example shouldn't work! (Read it again to
make sure you understand why before reading on.)</p>
<p>But you may prefer two screens with separate desktops. For example,
you could have one screen for your own use, and make the other
available over your local network. Or one screen with KDE and the other
without any window manager. Your choice. This can be done simply by
turning off Xinerama:</p>
<pre>
Option "Xinerama" "off"
</pre>
<p>Finally, you may prefer to keep a screen for the text console:
include "screen 2", "screen 3", etc in your ServerLayout section,
omitting "screen 1" (generally the console if where you boot from
and where you get system error messages).</p>
<hr>
<p><b>Trying out XFree</b></p>
<p>As with Windows, it is best to start out by testing each
video card individually. Start at the text console (runlevel 3).
Keep one screen in your ServerLayout, commenting out the others
with a # at the beginning of the line. You can then start up the
X server (no need for a desktop yet):</p>
<pre>X</pre>
<p>You should get a black-and-white crisscross pattern, with an
X-shaped mouse cursor in the middle. Good. You can shut down
X and get back to the text console with</p>
<pre>Ctrl + Alt + Backspace</pre>
<p>Now do the same for the other cards. When you have everything
set up, just uncomment all screen entries in ServerLayout, and
test X once more. You should now get the crisscross pattern on
all screens, and if you activated Xinerama, the mouse should move
between screens.</p>
<p>&lt;smirk&gt;And you didn't need to reboot, did you?&lt;/smirk&gt;</p>
<p>You can now either go directly into the graphical desktop
with startx, or switch to a graphical login with runlevel 5:</p>
<pre>init 5</pre>
<hr>
<p><b>Comparison between Windows and Linux</b></p>
<p>As usual, there are differences between either way of doing
things, and thus between the end results. To be objective:</p>
<p>- Windows lets you use devices with different levels of
color and resolutions together as part of the same desktop.
However, it cannot handle more than one desktop, nor can it
mix text consoles with graphics.</p>
<p>- Windows can be a pain to configure, with much rebooting.</p>
<p>- conversely, Linux can mix text screen with graphics -- this
is great for keyboard-trained systems administrators --, can
use more than one desktop, or can use all screens (or a
combination of screens) for a single desktop. If you want KDE and
Gnome at the same time, you get it. If you just want one single
big WindowMaker, you get that. If you want to set up a 2x2 or
3x3 video wall, all you need are enough cards, and enough slots
to set them in.</p>
<p>- If you want to mix screens with Xinerama under Linux,
you need to use the same color depth on all of them.</p>
<p>- Linux with XFree86 version 4 is much easier to configure --
though maybe that's my bias showing through.</p>
<p>Seriously though, the last time I installed Mandrake 8.2, it
detected all video cards and went multihead all on its own. Good
show.</p>
<p>One last warning the reader may do well to heed: do this on
a computer with backups up to date, not on a production machine.
Video cards are tricky little things that can bite.</p>
<p>PS. Should anybody want to translate this article: I wrote it in
the spirit of the GPL software licence. i.e. you are free (and
indeed encouraged) to copy, post and translate it -- but please,
PLEASE, send me notice by email! I like to keep track of translations --
it's good for the curriculum :-)</p>
<!-- *** BEGIN bio *** -->
<P>
<H4><IMG ALIGN=BOTTOM ALT="" SRC="../gx/note.gif">Alan Ward</H4>
<EM>Alan teaches CS in Andorra at high-school and university levels. His
hobbies
include science photography (both digital and traditional), trekking,
rock and processor collecting.</EM>
<!-- *** END bio *** -->
<!-- *** BEGIN copyright *** -->
<hr>
<CENTER><SMALL><STRONG>
Copyright &copy; 2002, Alan Ward.
Copying license <A HREF="../copying.html">http://www.linuxgazette.com/copying.html</A><BR>
Published in Issue 82 of <i>Linux Gazette</i>, September 2002</H5>
</STRONG></SMALL></CENTER>
<!-- *** END copyright *** -->
<HR>
<TABLE BORDER><TR><TD WIDTH="200">
<A HREF="http://www.linuxgazette.com/">
<IMG ALT="LINUX GAZETTE" SRC="../gx/2002/lglogo_200x41.png"
WIDTH="200" HEIGHT="41" border="0"></A>
<BR CLEAR="all">
<SMALL>...<I>making Linux just a little more fun!</I></SMALL>
</TD><TD WIDTH="380">
<center>
<BIG><BIG><STRONG><FONT COLOR="maroon">The Back Page</FONT></STRONG></BIG></BIG><BR>
<STRONG>By <A HREF="mailto:gazette@ssc.com">Mike Orr (LG Editor)</A></STRONG></BIG>
</TD></TR>
</TABLE>
<P>
<!-- END header -->
<ul>
<li><a HREF="#news">Gazette News</a>
<li><a HREF="#wacko">Wacko Topic of the Month</a>
<li><a HREF="#nottag">Not The Answer Gang</a>
<li><a HREF="#spam">World of Spam</a>
</ul>
<a name="news"></a>
<P> <hr> <P>
<!--====================================================================-->
<center><H3><font color="maroon">Gazette News</font></H3></center>
<P> <HR> <P>
<!--======================================================================-->
<P>
I finally changed the header and footer decorations as I've been meaning to
for months. The main purpose was to shrink the vertical space the header
takes, to fit more of the article content on the first screenful. This isn't
the last change; we'll make minor adjustments and maybe get a stylesheet one
of these months.
<a name="wacko"></a>
<P> <hr> <P>
<!--====================================================================-->
<center><H3><font color="maroon">Wacko Topic of the Month</font></H3></center>
<P> <HR> <P>
<!--======================================================================-->
<P>
<H3 align="left"><img src="../gx/dennis/qbubble.gif"
height="50" width="60" alt="(?) " border="0"
>hello there, IM BLOODY WELL MIFFED</H3>
<p><strong>From Psycopathic Hamsters
</strong></p>
<p align="right"><strong>Answered By Ben Okopnik
<p></strong></p>
<BLOCKQUOTE><STRONG>
tarballs everyone knows how to unzip them and install them right, wrong, i
find them evil, evil is not the word, Automated teller is, now they are
evil, especially the compaq ones, well my question is, tarballs how do u
unzip and install them.
I would be grateful for an answer, if not the linux gazate will be less 1
reader and 1 writer.<BR>
Miffed
</STRONG></BLOCKQUOTE>
</p>
<P>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Ben]
This is cool; I'm being threatened by a psychopathetic hamster. I never
knew that writing for LG could be so dangerous... adds spice and
adrenaline to my life.
</P>
<a name="nottag"></a>
<P> <hr> <P>
<!--====================================================================-->
<center><H3><font color="maroon">Not the Answer Gang</font></H3></center>
<P> <HR> <P>
<!--======================================================================-->
<P>
<H3 align="left"><img src="../gx/dennis/qbubble.gif"
height="50" width="60" alt="(?) " border="0"
>cfz (Crap Factor Z)</H3>
<p align="right"><strong>Answered By Iron, Ben Okopnik
<p></strong></p>
<P>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Iron]
Here's a fortune-like program that dynamically synthesizes offensive messages.
Perfect for when you have an urge to insult Ben Okopnik and don't know what to
say. It's written in Python, and has text, Tkinter and wxWindows interfaces.
<A HREF="http://sourceforge.net/projects/cfz"
>http://sourceforge.net/projects/cfz</A>
</P>
<P>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Ben]
When I need to insult Mike, I <EM>always</EM> know what to say. I believe the
term is "a target-rich environment", or "spoiled for choice." Often,
even words aren't necessary. }:&gt;
<PRE>
_ _
|_| |_|
| | /^^^\ | |
_| |_ (| "o" |) _| |_
_| | | | _ (_---_) _ | | | |_
| | | | |' | _| |_ | `| | | | |
| | / \ | |
\ / / /(. .)\ \ \ /
\ / / / | . | \ \ \ /
\ \/ / ||Y|| \ \/ /
\__/ || || \__/
() ()
|| ||
ooO Ooo
</PRE>
<P>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Iron]
Nice ascii art drawing. How long did it take you?
</P>
<P>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Ben]
<IMG SRC="../gx/dennis/smily.gif" ALT="&lt;grin&gt;"
height="24" width="20" align="middle"> Thanks; I <EM>wish</EM>
I was that much of an artist. As to how long it took me -
<PRE>
&lt;Alt-F9&gt; # Flips to another xterm
q # Opens my "quote catcher"
&lt;Ctrl-D&gt; # Terminates input mode, edits file
/ASCII/ # Locates art section
&lt;highlight pic&gt;
:q # Quit vi
&lt;Alt-F9&gt;
&lt;paste&gt;
</PRE>
Call it about ten seconds total.
</P>
<H3 align="left"><img src="../gx/dennis/qbubble.gif"
height="50" width="60" alt="(?) " border="0"
>Hardware Clock</H3>
<A NAME="tag/15"><HR WIDTH="75%" ALIGN="center"></A>
<p align="right"><strong>Answered By Jim Dennis
<p></strong></p>
<P>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Jim]
If the hardware clock's running slow, try heating up the case with a
blowtorch. If it's running fast, try pouring liquid nitrogen across the
top.
</P>
<!-- end 14 -->
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<A NAME="tag/15"><HR WIDTH="75%" ALIGN="center"></A>
<!-- begin 15 -->
<H3 align="left"><img src="../gx/dennis/qbubble.gif"
height="50" width="60" alt="(?) " border="0"
>Outrage</H3>
<BLOCKQUOTE><STRONG>
F*CK YOU C*NT DON'T SEND ME THIS AGAIN.
</STRONG></BLOCKQUOTE>
<p>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Iron]
Send what? I didn't send you anything. Did you get a Klez worm
(binary attachment)? If so, see
<A HREF="../issue78/lg_backpage.html#wacko"
>http://www.linuxgazette.com/issue78/lg_backpage.html#wacko</A>
</p>
<BLOCKQUOTE><STRONG>
No, not me! Never sent anything, and Norton reckons I'm clean. You didn't
send me anything, I didn't send you anything. The viruses spoof someone's
addy in the affected persons address book, and I'm taking the flack.
</BLOCKQUOTE></STRONG>
<p>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Iron]
The headers are similar to Klez in that the "From:" address is completely
different from the "From " address. Unlike Klez, the ostensible domain
name in the last "Received:" header before it reached our server was not
a single word consisting only of random consonants.
</P>
<P> The next day, another
message arrived from another source:
</P>
<BLOCKQUOTE><STRONG>
F*ck You C*nt Don't Send Me That Ever Again.<BR>
MIND YOUR LANGUAGE YOU C*NT ...
</STRONG></BLOCKQUOTE>
<p>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Iron]
... I saved the two messages in case it was the start of another
epidemic like Klez, but no more came.
Of course, the funniest part is that the ostensible domain is so
implausable. Outlook can't send mail through Yahoo, not unless it's learned
how to post a message through Yahoo's web interface.
<A NAME="tag/15"><HR WIDTH="75%" ALIGN="center"></A>
<H3 align="left"><img src="../gx/dennis/qbubble.gif"
height="50" width="60" alt="(?) " border="0"
>Sailing away</H3>
<p>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Ben]
Hey, all.
I'm going to be out of Net contact for a few days - I'm sailing up to
Cape Cod with a stop in New York. This means a couple of days AFK,
followed by a few back on, then about 4 off. If anybody's got an
emergency, I guess you can always flag down a passing dolphin...
<IMG SRC="../gx/dennis/smily.gif" ALT=":)"
height="24" width="20" align="middle">
</P>
<P> Fair winds to all.
</P>
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<A NAME="tag/23"><HR WIDTH="75%" ALIGN="center"></A>
<!-- begin 23 -->
<H3 align="left"><img src="../gx/dennis/qbubble.gif"
height="50" width="60" alt="(?) " border="0"
>RoadRunner</H3>
<p>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Iron]
Hilarious item on <A HREF="http://www.freshmeat.net/">Freshmeat</A> for News
Bytes:
<blockQuote>
RoadRunner 0.9 -
RoadRunner is an application toolkit library implementing BEEP (Blocks
Extensible Exchange Protocol).
</blockQuote>
I wonder if RoadRunner 1.0 will implement the BEEP-BEEP protocol.
<!-- end 24 -->
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<A NAME="tag/25"><HR WIDTH="75%" ALIGN="center"></A>
<!-- begin 25 -->
<H3 align="left"><img src="../gx/dennis/qbubble.gif"
height="50" width="60" alt="(?) " border="0"
>Cheap Tobacco</H3>
<blockQuote><STRONG>
If you are fed up of being 'ripped off' by the British government
every time you buy your tobacco, [...]
</STRONG></blockQuote>
<p>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Breen]
I'm not a smoker, but this stuff <EM>does</EM> make steam come out of my
ears. Is that close enough??
</P>
<!-- end 26 -->
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<A NAME="tag/27"><HR WIDTH="75%" ALIGN="center"></A>
<!-- begin 27 -->
<H3 align="left"><img src="../gx/dennis/qbubble.gif"
height="50" width="60" alt="(?) " border="0"
>The Advice People</H3>
<BLOCKQUOTE><STRONG>
wat the address for u linx thing i got it off a booting program site thats y
i emailed u but since u can't help thats no prob thanks any ways y u want to
know the site any way.
</STRONG></BLOCKQUOTE>
<P>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Iron]
Thanks. The problem we had with the answerguy address was that a lot
of sites linked to it without explaining what it was for.
<P> Hmm, do you have "The Advice People" in your town? It started several
years ago in New York and then and then one of the members established
it here in Seattle. They set up a couple chairs and a sign certain
Friday and Saturday evenings in a pedestrian area (Broadway in Seattle)
and invite people to ask them any question they want. They don't claim
to have any particular qualifications except "62 years combined
experience living on this planet". The only topics they refuse to
discuss are politics and religion. I don't remember whether they do it
for free or charge a token 25 cents. Often a small crowd will gather
and listen to the questions and answers.
</P>
<P>
One year I was there the weekend before Halloween, and people would
ask for ideas on what to wear on Halloween. The girl who was the
coordinator came up with some original ideas like, "You could dress up as a
bowl of fruit. Or maybe you could be a line of coke."
</P>
<P>
I'm not sure if they're still around. I haven't seen them for a few
years. I think there's a book written by the Advice People's founder, but I
don't remember the title or the author.
</P>
<!-- end 26 -->
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<A NAME="tag/27"><HR WIDTH="75%" ALIGN="center"></A>
<!-- begin 27 -->
<H3 align="left"><img src="../gx/dennis/qbubble.gif"
height="50" width="60" alt="(?) " border="0"
>Staring</H3>
<P>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Ben]
This is another test. Shoo, you curious people. Why are you standing around
glaring at my email like that? Just hit the 'delete' key, for Gossake, like
decent people would do. I blame the parents; there's no proper upbringing
today, none at all...
</P>
<!-- end 26 -->
<!-- .~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~.~~. -->
<A NAME="tag/27"><HR WIDTH="75%" ALIGN="center"></A>
<!-- begin 27 -->
<H3 align="left"><img src="../gx/dennis/qbubble.gif"
height="50" width="60" alt="(?) " border="0"
>Fatal error</H3>
<P>
<IMG SRC="../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Guy]
"Your mouse has moved. Windows must be restarted,
for the changes to take effect Reboot now? [OK]"
<a name="spam"></a>
<P> <hr> <P>
<!--====================================================================-->
<center><H3><font color="maroon">World of Spam</font></H3></center>
<P> <HR> <P>
<!--======================================================================-->
<P>
My web browser said,
"Connection timed out while connecting to ad.doubleclick.net." Boo hoo!
<HR NHSHADE WIDTH="80%"> <!-- ************************************************* -->
<P> lginternational.Com - US$475
<P> Please note that after years, the registration on the domain name
lginternational.Com was not renewed and this
domain had become available to register.
Consequently, we have been approached to market this domain name that has been
tracked and registered by a client.
As result,lginternational.Com now available from us for IMMEDIATE transfer.
<BLOCKQUOTE><EM>
[Big deal. -Iron.]
</EM></BLOCKQUOTE>
<P> With so many companies that could benefit from this domain, along with what
many would consider to be a "wholesale
price", we hope to secure a quick transfer.
<BLOCKQUOTE><EM>
[Ask somebody who cares. linuxgazette.com suits us just fine. -Iron.]
</EM></BLOCKQUOTE>
<P> Please note that the domain name market is extremely solid at the moment and
similar domains are currently selling on
afternic.com, greatdomains.com (domain auction sites) and by domain name
brokers, in some cases, for many thousands
of US dollars.
<BLOCKQUOTE><EM>
[If it looks like a lie, walks like a lie and smells like a lie, it must
be a lie. "Extremely solid" compared to what? Certainly not compared to
a couple years ago when all the doman names that are expiring now were
hot property. -Iron.]
</EM></BLOCKQUOTE>
<P> Please note that transfers take just 15 minutes and are extremely
straightforward - absolutely NO technical knowledge
required!
<HR NHSHADE WIDTH="80%"> <!-- ************************************************* -->
<PRE>
SPAM: Hit! (3.0 points) BODY: Nigerian widow needs your help,
cf http://www.snopes2.com/inboxer/scams/nigeria.htm
SPAM: Hit! (4.3 points) BODY: Mutated Nigerian scams,
cf http://www.snopes2.com/inboxer/scams/nigeria.htm
SPAM: Hit! (-0.4 points) BODY: Contains a line &gt;99 characters long
SPAM: Hit! (2.0 points) Forged yahoo.com 'Received:' header found
SPAM: Hit! (2.0 points) Received via a relay in relays.osirusoft.com
SPAM: [RBL check: found 135.155.86.64.
relays.osirusoft.com., type: 127.0.0.4]
SPAM: Hit! (0.5 points) Received via a relay in
ipwhois.rfc-ignorant.org
SPAM: [RBL check: found
135.155.86.64.ipwhois.rfc-ignorant.org., type: 127.0.0.6]
SPAM: Hit! (1.9 points) Subject is all capitals
SPAM: Hit! (3.0 points) DNSBL: sender is Confirmed Spam Source
SPAM:
SPAM: ----------- End of SpamAssassin results -----------
</PRE>
I am Alhaja Maryam Abacha, the widow of the Late Gen. Sanni Abacha former Nigerian Military Head of State who died mysteriously as a result of Cardiac Arrest.
Following the recent discovery of my husband's Bank Account by the Nigerian
Government with Swiss Bank in which the huge sum of US$700 MILLION and DM 450
Million was logged....
<HR NHSHADE WIDTH="80%"> <!-- ************************************************* -->
<BLOCKQUOTE><EM>
[A sneaky way for spam to "include" a remote URL that's displayed
automatically in an HTML-enabled mailreader. -Iron.]
</EM></BLOCKQUOTE>
<PRE>
&lt;HTML&gt;&lt;HEAD&gt;
&lt;/HEAD&gt;&lt;FRAMESET border=0 frameBorder=0
frameSpacing=0 rows=0%,*&gt;
&lt;FRAME marginHeight=5 marginWidth name=easymain
src="http://www.XXXXXXXXX.com"&gt;
&lt;/FRAMESET&gt;
&lt;/HTML&gt;
</PRE>
<HR NHSHADE WIDTH="80%"> <!-- ************************************************* -->
<BLOCKQUOTE><EM>
[If you can't trick them with phony business investments, try appealing to
their humanitarian sense. -Iron.]
</EM></BLOCKQUOTE>
My name is Dr. Henrique Sessenou, a medical doctor and
the sole proprietor of the above specialist hospital.
I understand that through Internet is not the best way
to link up with you because of the confidentiality
which the transaction demands. However, I have already
sent you this same letter by post one month ago, but I
am not sure if it did get to you since I have not
heard from you, hence my resending it again. I have a
widow here in my hospital who is on a political
assylum in Lome - Togo refugee camp. She has
been so ill for some couple of months now.
<P> This woman confided in me based on the free medical
attention I have been giving to her and her children.
She had revealed to me of her life history and about
her late husband who was a top military officer in one
of the west African country (Sierra-Leone) before his
death during the civil war and the fortune she
inherited from her late husband. She has asked me to
source a credible and trustworthy partner abroad who
will manage her funds for investment, the sum of
Twenty Eight Million US Dollars (US$28m) which her
late husband deposited in a safe fiduciary agent in
Europe through a security company based in Lome -
Togo. I wish to chose you for this venture and I
believe you will be in the position to assist in
managing this large sum in a profitable ventures and
also to help create a safe haven for her and her
children by making a residence arrangement for them in
your country.
<P> After she had disclosed this information to me, I saw
the reason to request from her all the documents
relating to this deposit of which she did, now I have
the documents covering the deposit which I will not
hesitate to fax to you the copies as a proof for your
confirmation as soon as I receive your response via
e-mail. I am obliged to assist this lady knowing too
well that she has a limited knowledge in the business
world and as such she cannot manage this funds
herself, and in order to avoid any trace of her by the
government, I will need from you a mutual
understanding and then we shall make plans on how the
funds would be secured into an account in your name;
after which you will arrange and travel immediately to
meet with the security company's Agency in Europe for
clearing.
<P> This amount is contained in a sealed trunk box and it
is registered and declared as containing family
treasures, so even as I am writing you now the
security company and its agency are not aware that
there is cash money in the trunk. Let me assure you
that this transaction is 100% hitch and risk free;
from my discussion with her, she has agreed to give
you a reasonable amount of percentage for your
involvement in this deal, and this has to be discussed
upon the receipt of your quick response.
<BLOCKQUOTE><EM>
[What he fails to consider is, if it's so important to keep the
existence of this money a secret, why is he sending an unencrypted
e-mail on the public Internet to somebody he doesn't know? -Iron.]
</EM></BLOCKQUOTE>
<HR NHSHADE WIDTH="80%"> <!-- ************************************************* -->
<BLOCKQUOTE><EM>
[Business scams aren't the only thing coming out of Nigeria. -Ed.]
</EM></BLOCKQUOTE>
I am a lagos based independent marketer and public relations exparct
specailized in marketing of goods and ervices to cooperate outfits as well as
private individuals. I am 38 years of age graduate of the Nigerian College of
Administration and I also hold a professional chartered certificate from the
chartered insitute of Adiministration Lagos as a chartered Administrator.
<P> My ultimate objective in this regards is to intimate you of my professional
capacity to promote the sales and distribution of your products or services in
Nigeria and West African sub-region.
<P> <STRONG><EM>It may intrest you to know that I have the required knowledge
and comprehensive strategy to promote and market your products or service in
different parts of Nigeria and west african sub-region in
general.</EM></STRONG> [Emphasis added.]
<P> I would be greatful therefore if I am given an opportunity to be your sloe
representative here in Nigeria. Please send me the details of your products or
service for my study.
<BLOCKQUOTE><EM>
[How can somebody have "the required knowledge and comprehensive strategy"
to market a product when he doesn't even know what the product is?
Magazines, coffee and technical consulting services each has a
distinct target market and requires different marketing abilities. -Iron.]
</EM></BLOCKQUOTE>
<HR NHSHADE WIDTH="80%"> <!-- ************************************************* -->
----- Forwarded message from Your IE Toolbar &lt;XXXXX@mail.ru&gt; -----<BR>
<BR>
From: "Your IE Toolbar" &lt;XXXXX@mail.ru&gt;<BR>
To: linux-questions-only@ssc.com<BR>
Subject: Get your own Internet Explorer Toolbar!<BR>
<P> Make your customers and visitors always have the link to your site on
their Explorer toolbar.
Custom Toolbars increase your ability to market your site anywhere within
millions of Internet browsers and takes only seconds to install.
<P>
Custom IE Toolbar with unlimited menu items - 200$US!<BR>
Advanced IE Toolbar with custom design logo - 250$US! <BR>
Unlimited IE Toolbar features with the plain rate of 20$US p/h for
programming!
<P>
You may distribute your Toolbar to your Web site visitors, employees, etc.
This provides quick access to your Web site and perhaps other useful links
you find appropriate for them.
<HR NHSHADE WIDTH="80%"> <!-- ************************************************* -->
We're mailing to let you know that selected issues of the Depeche Mode
fanclub magazine - Bong - are now available from our UK Depeche Mode
Store.
<HR NHSHADE WIDTH="80%"> <!-- ************************************************* -->
<PRE>
SPAM: -------------- Start SpamAssassin results -----------
SPAM: Hit! (4.9 points) BODY: Resistance to this spam is futile
SPAM: -------------- End of SpamAssassin results ---------
</PRE>
You are receiving this exclusive promotion from AdPro Solutions as part of the
terms of service agreed to when you signed up with AdPro Solutions through one
of its network of affiliate sites. Replying to this email will not unsubscribe
you. Please follow the instructions at the end of this message if you would
prefer not to receive these special offers in the future.
<HR> <!-- ************************************************************** -->
<P> Happy Linuxing!
<P> Mike ("Iron") Orr<br>
Editor, <A HREF="http://www.linuxgazette.com/"><i>Linux Gazette</i></A>, <A
HREF="mailto:gazette@ssc.com">gazette@ssc.com</a>
<BR CLEAR="all">
<!-- *** END Not Linux *** -->
<!-- *** BEGIN bio *** -->
<SPACER TYPE="vertical" SIZE="30">
<P>
<H4><IMG ALIGN=BOTTOM ALT="" SRC="../gx/note.gif">Mike Orr</H4>
<EM>Mike ("Iron") is the Editor of <I>Linux Gazette</I>. You can read what he has
to say in the Back Page column in this issue. He has been a Linux enthusiast
since 1991 and a Debian user since 1995. He is SSC's web technical
coordinator, which means he gets to write a lot of Python scripts.
Non-computer interests include Ska/Oi! music and the international language
Esperanto. The nickname Iron was given to him in college--short for Iron Orr,
hahaha.</EM>
<!-- *** END bio *** -->
<!-- *** BEGIN copyright *** -->
<hr>
<CENTER><SMALL><STRONG>
Copyright &copy; 2002, Mike Orr (LG Editor).
Copying license <A HREF="../copying.html">http://www.linuxgazette.com/copying.html</A><BR>
Published in Issue 82 of <i>Linux Gazette</i>, September 2002</H5>
</STRONG></SMALL></CENTER>
<!-- *** END copyright *** -->
<HR>
</BODY></HTML>
Reference in New Issue View Git Blame Copy Permalink