What's New!

Chat with
Hackers

How to Defend
Your Computer 

The Guides
to (mostly) 
Harmless Hacking

Happy Hacker 
Digests (old stuff) 

Hacker Links 

Hacker
Wargames 

Meet the 
Happy Hacksters 

Help for 
Beginners 

Hacker 
Bookstore 

Humor 

It Sucks 
to Be Me!

How to Commit
Computer Crime (not)! 

What Is a 
Hacker, Anyhow? 

Have a 
Great Life! 

News from the 
Hacker War Front

Carolyn's most
popular book,
in 4th edition now!

For advanced
hacker studies,
read Carolyn's
Google Groups
Subscribe to Happy Hacker
Email:
Visit this group

Unix Edition

Dec. 11, 1999
_______________________________________________________________________
See the Happy Hacker web site at http://www.happyhacker.org
URL of the Issue:
http://www.ugu.com- great Unix site
_______________________________________________________________________

Editor's Comments
URLs
Nuggets of Info
Readers' Questions

***********************************************************************
*** Editor's Comments
***********************************************************************

I just have two quick things to write here. First, a lot of the mail I've been
getting has been addressed to Carolyn Meinel. While I'm sure she loves to hear
from all of you, please don't send her your Unix questions-- those should come
here (unixeditor@cmeinel.com). Also, please do me one small favor. I know
not everyone here speaks english as a native language... but I hope I'm not
asking too much in asking that you don't send "where can I get mp3 and/or
warez messages to the _unix_ digest. OK? Unix Digest does NOT stand for Users
Needing Illegal X, X:{MP3,Warez}. Thanks a lot!

***********************************************************************
*** URLs
***********************************************************************

*Unix Guru Universe: http://www.ugu.com/sui/ugu/show?help.beginners
Contains some excellent infomation about all types of Unixes (Unices???).
Geared towards sysadmins, but contains some useful info for regular users as
well.

 

*Linux News: http://www.linux-radio.com/
Features RealAudio format Linux news broadcasts.

*News before it happens: http://www.betanews.com
They tend to focus on Microsoft OS's a lot, but there's often news of interest
to Unix users as well. And besides, a friend of mine is a staff writer :)

***********************************************************************
*** Nuggets of Info
***********************************************************************

*Mail Spooling Heads-Up
Ok, I confess; I screwed up. I was trying to configure procmail on my school
email server to route my mail into different mailboxes. Officially, the
easiest way (with sendmail as the MDA) is to create a .forward file with an
"exec" line to forward my mail to procmail. My system didn't like that, so I
used a script I found on the internet that would take the mail spool file and
send it through procmail. Well, I ran it without analyzing it myself, and paid
the price. This started last friday. It appeared to work well; it send my mail
to procmail and then recreated the folders like it was supposed to. But I
noticed I was no longer receiving mail. I figured no one was emailing me, but
my mailing lists were also not showing up. I checked my fetchmail
configuration (which picks up mail from other pop3/imap servers), but that was
ok. Finally, on Monday, it dawned on me: check the permissions on my mail
spool file. Sure enough, they were set to 600 (user- read/write,
group+all=nothing). Generally, the spool file belongs to group 'mail', and the
group is given read+write permission to the file, so the MDA (which runs as a
member of the mail group) can read+write to it. Well, this script screwed it
up, so, with permissions of 600, mail was not deliverable. (Note to admins: if
you do this to a user, they can read their mail, and delete it, but not
receive any new mail... very easy). Anyway, heads up-- always check scripts
b/4 running them, not just for trojans, but for logic flaws as well.

***********************************************************************
*** Readers' Questions
***********************************************************************
Dan Feilding <gorphtdog@hotmail.com> writes,

yeah I need info on setting up a ppp server on and existant linux server, the
main linux server has very high security, with both delayed and active port
listners, i have herd some info on setting up a network with connection in
the negative ip range, specifacly -129
and by doing this can avoind all of the present day listning devices.

i know that only linux can handle negative ip's, and that i haven't seen a
port scanner or listner that does anything in the negative range. if their is
any info you have that would be great, and i am in the proccess of making a
negative port scanner of my own, i think by just changing the scanning
paramiters on the if and, statements that it should work. if this makes sense
to u please mail back

[Editor: Hmmm. I don't want to look really stupid here, but I have no idea
what he's talking about. I'm not even sure how such a thing would work. How
exactly would traffic reach these negative ports? What'd the routing system
be: wrap/complement/signed->unsigned/something else? If anyone has heard of
such a thing, please respond.]

-----------------------------------------------------------------------

Numerous Readers <a.lot@are.inquiring.com> are asking,

What's the best Unix system to buy/download?

[Editor: I don't want to start any holy wars here, and I suppose this is
really asking for trouble, but please send me your opinions on why you think a
given Unix is the best/easiest/most powerful/largest package library/most
secure/whatever. In a later Digest, I'd like to publish some of the summaries,
so that users who want a _good_ comparison with all sides taken into account
can learn without having to wade through the "Red Hat rocks! Slackware sux!"
type messages that don't actually contain any real information.]

-----------------------------------------------------------------------

The Paladin (adam@paladin.ndo.co.uk) wonders,

Hi,
I very much enjoy reading your GTMHH, and they are where I aquired your
e-mail address. I hope you don't mind me sending this to you in person [Ed:
this was sent to Carolyn] rather than the Happy Hacker mailing list, but I
have a question about running both MS-Windows and Linux on the same computer
(PC) with a BIOS prompt to ask which to use. At the moment I am of the opinion
that it would be best to have a separate hard drive for each as supposedly
Windows won't acknowledge Linux's existance and will say I have more disk
space than I really do. I then had the idea of a DOS partition of my disk, but
I'm not sure if the BIOS would read them as two separate drives or not. I was
hoping that if you had run both of these together succesfully or knew how I
could do this, you would let me know. Thanks very much,

[Editor: Having a seperate HD is, of course, the easiest solution (make the
Linux drive your master drive and use LILO to choose b/w them. There are
HOWTO's for DOS+Linux, and Win95+Linux, and I'd imagine a Win98+Linux, though
I don't know for sure. If you want to share a drive, that's not a problem.
Make the Linux partition (or partitions, you should really set up several
/usr, /home/, etc.) the active one, and run LILO. Windows will not allow you
to access the Linux partitions, but they should appear as non-dos partitions,
it won't show it as availible space. I think that should be clear enough... I
hope.]

-----------------------------------------------------------------------

ZORATTI FABRIZIO (bobocell@otenet.gr) inquires,

<Snip out personal note>

I bought RedHat Linux 6.0 and I try to use the kppp program to connect
to the internet.My problem it's that I can run this program only as
root.
If I'm logged in as user a message pop up on my desktop:
ERROR

pppd is not properly installed!
The pppd binary must be installed
with the SUID bit set.Contact your
system administrator.
OK

Can you give me some advice about what should I do, to get this program
running as I am a user?(SUID stay for SWITCH USER ID?it's not very clear
in the man pppd this problem).So I though ,you as a wonderful teacher
and expert to UNIX can understand and explain me this problem .

[Editor: I would suggest you read the PPP-HOWTO for help, but I'll basically
summarize what you need here. pppd needs to be run as root. Note that doesn't
mean you need to be root to run it. Rather, it needs to run with root
permissions (to access the modem, in this case). By typing 'chmod u+s pppd',
it sets the SU (as in the su command) ID. In general, SUID can also be a
potential security flaw, since a buffer overflow (or other exploit) running
SUID is much closer to allowing a root shell than a standard program. The pppd
binary, however, is known to be (relatively) safe. Check the HOWTO, however,
the writing there is better than mine. Also check the man page for chmod.]

***********************************************************************



For Windows questions, wait a while... we're still looking for a
windows editor :)
For Unix questions, contact unixeditor@cmeinel.com.

Happy Hacker is a 501 (c) (3) tax deductible organization
in the United States operating under Shepherd's Fold Ministries.

 © 2013 Happy Hacker All rights reserved.