LJ Archive

Best of Technical Support

Various

Issue #54, October 1998

Our experts answer your technical questions.

Authentication Failure

When I use Netscape from a Windows 95 PC to access my Linux 5.0 mail server, I get a prompt (as I should) for my login and password. However, when I type my password (or login) wrong, authentication fails and the server won't let me read mail, but it will let me send mail. That mail is sent with my name and address on it, which makes it easy for people to use my account and send mail using my name. Since I am also the administrator of that mail server, should I shut down imap and pop3? I don't want my users to have this problem too.

I have checked out PAM configuration, and imap uses the same library (pampwdb.so) as login and other critical services to authenticate users. So, what can I do to solve this problem and provide imap and pop3 service? —Diego A. Puertas Fernández, Red Hat 5.0

There is nothing you can do about it. What actually happens is that Netscape uses SMTP to send mail, and SMTP doesn't require any kind of session or login. Netscape (or any other mail client, for that matter) connects to the sendmail running on your server, gives it your piece of e-mail, and your server relays it to the Internet. Anyone can send mail as anyone else (especially on a Windows machine, since it doesn't provide the ident service and doesn't return a result that can be trusted). If you look in e-mail headers, most of the information (outside of the Received lines) can easily be spoofed. —Marc Merlin, marc.merlin@magic.metawire.com

Keyboard Troubles

I run a small web-hosting service in San Juan, Puerto Rico. The keyboard of one of my servers has stopped responding to Linux boots and I can access it only through TELNET. The server there has no response from the keyboard. My guess is that it was hacked as security in my network is just starting to be updated. Can you please help?

I've been told that by closing the unused ports I can have a more secure environment—how is that done? —Frank Nazario, Red Hat 5.0

The keyboard not working sounds like a hardware problem. Will the keyboard let you go into the BIOS setup?

As far as security goes, first of all edit /etc/inetd.conf and comment out anything you aren't sure you need, then restart inetd (with killall -HUP inetd). If it turns out you need something you commented out, just go back in to /etc/inetd.conf and uncomment it, then restart inetd again.

Then you'll want to kill any daemons you don't need. Be a little more careful here—make sure you don't kill off things like atd and crond. On the average server, you can (and should) kill off things like lpd, nfs, portmap and smb. Run /usr/sbin/ntsysv (a very handy utility included with Red Hat 5.x) and uncheck things that shouldn't be started. Then reboot or do:

for file in /etc/rc.d/rc3.d/K* ;
do $file stop ;
done

to make sure the things that shouldn't be running aren't.

The other important thing you want to do is keep up with updates from Red Hat. There have been some pretty major security holes announced recently, so you'll want to get all the updates on a regular basis. —Steven Pritchard, steve@silug.org

Rebel CD-ROM

My ATAPI CD-ROM won't eject or unmount in X—I get an error message saying the drive is busy. I tried closing everything but one X term and made sure the current directory wasn't in the CD, but it still says it's busy. Quitting X solves this problem. —John Vestrum, Red Hat 5.0

In my experience, this problem has been caused by a CD player running in a menu/button bar (such as AfterStep's “wharf” button bar) or a player that did not exit correctly after being used. Make sure there are absolutely no audio CD players running anywhere—if necessary, disable CD players you may have in a “wharf” type button bar—and see if that helps. —Erik Ratcliffe, erik@caldera.com

Modem Questions

I am about to install Red Hat 5.0, but would like to know if I need a new modem first so I don't lose WWW access. My current modem is a “Windows only” US Robotics Winmodem—yeah, I know—but it was cheap.

Do I need a new modem, or is there a driver available that enables use of this Winmodem under Red Hat 5.0? —Bill Brower, Red Hat 5.0

Sorry, but unfortunately you need a “real” modem. By “real”, I mean one that simply presents a serial interface to the hardware or plugs directly into a serial port. The problem with the “Winmodem” is that it does all the signal processing using the CPU of the host computer instead of having its own CPU to do the grunt work. I don't want to debate the relative merits of that process here, but suffice it to say that I will never buy a Winmodem nor will anyone I know. —Donnie Barnes, redhat@redhat.com

Poor FTP Speeds

I am getting very poor FTP speeds, but speeds of remote X applications are fine, 1.5MB/sec. I am using a Linksys Pocket Ethernet adapter on LPT1 and the de620 driver. Typing the command more /proc/dev/net shows “no lost”, and colls packets... dmesg shows “etho: Page out of sync! Restoring...” During FTP testing, I got a few “Illegal Packet size -4! Illegal Packet size 24!” messages when I changed the window size for that route by adding:

-net xxx.xxx.xxx.0 netmask 255.255.255.0
dev eth0 window X X= default,
8000, 800, 400, ...

The adapter seems to be working well from the X application testing, but FTP is useless. It starts fine (first set of packets) and quickly slows to a crawl, never to pass 2MB. Any ideas? —James T. Billups III, Red Hat 5.0

All I can think of is that you are running with a bi-directional printer port. Try changing this port back to “normal” (sometimes referred to as SPP) in your CMOS setup, or on your I/O card if it's not a built-in motherboard-type printer port and see if that helps. The source code for the de620 driver includes some comments that indicate this is the mode your printer port should be in when using this adapter. —Erik Ratcliffe, erik@caldera.com

Ugly Back Slashes

My question is about /etc/issue. I edited this file to show the name of my computer and it contains some backslash characters. I had to write these as \\ (double backslash) because one backslash is used as an escape character. But, when I access my computer through TELNET, both backslashes appear and look quite unpleasant. Is there any way of avoiding this? —Mihai Bisca

Your getty and telnetd parse the /etc/issue file in a different way. Create an /etc/issue.net file to provide a message for telnetd, while /etc/issue is reserved for local use. Naturally, this depends on the internals of getty and telnetd, and yours may be different from mine. —Alessandro Rubini, rubini@linux.it

Blank Screen

Whenever I try to run X Windows, I get a blank screen after some disk action. I've tried the S3 server, an S3 card, the SVGA generic, the VGA generic and the unsupported VGA generic; all give me the same blank screen. I know my settings are right for everything else. I can continue working in other VCs, but they are all blank as well. I know I'm using them, because I get beeps at the right time, etc. I guess it's a problem with my video settings, but I've tried everything and can't fix it. —David Tilleyshort, Slackware 3.4

Odds are there is a mismatch between the frequency settings you have passed in your X configuration and the frequencies supported by your monitor. Make sure you have the correct frequency ranges for your monitor in the XF86Config file; check the documentation that came with your monitor to be sure. If you don't have the documentation, a good generic set of ranges for a low-end multi-frequency SVGA monitor are 31-38 horizontal and 50-90 vertical.

One side note: some “green PC” monitors actually shut down after X starts. There may be parameters which can be passed to your X server to disable this behavior; check the various README files and documentation on XFree86 Org's web site: http://www.xfree86.org/. —Erik Ratcliffe, erik@caldera.com

Establishing an ISP Connection

I can establish an ISP connection. I cannot use a browser, FTP or TELNET. I get an error message like “cannot find URL”. I am using Xisp to connect and have made a symbolic link from /dev/modem to /dev/ttys1. Can you help me? —Ric Stattin, Caldera 1.2

Chances are your name server isn't entered in /etc/resolv.conf. The format of this file is as follows (from comments in resolv.conf generated by LISA):

# possible entries are:
# gethostbyname syscall is used to
# search <list_of_domains> Search list for
# hostname lookup.
#
# nameserver <ip_addr> Define which server to
# contact for DNS lookups. If there are
# multiple nameserver lines (Max=3),
# they are queried in the listed order.

There is also a “domain” entry (of which you can have only one). So, a sample resolv.conf file might look like this:

domain caldera.com
search caldera.com personal.net
nameserver 192.168.1.1
nameserver 192.168.1.126

These entries will need to be changed for individual setups, of course. The name server IP address will need to be obtained from your system administrator or ISP. Once you have this information in the /etc/resolv.conf file, you should be able to connect to remote hosts by name. —David M. Brown, david@caldera.com

Mounting ATAPI CD-ROM

When I try to mount my ATAPI CD-ROM (I have two Pioneers as masters on 2-IDE and a Delta as slave on 2-IDE; both drives are recognized by the kernel as hdc and hdd), I get an error message which states, “mount fs: type 9660 not supported by kernel”. I have tried to modify the /etc/fstab with:

/dev/hdc /mnt/cdrom iso9660 noauto 0,0
/dev/hdd /mnt/cdrom01 iso9660 noauto 0,0

I still get the same error. Can you help me? —Kim Nielsen, Red Hat 5.1

This is happening because your kernel wasn't compiled to support the iso9660 file system, and you don't seem to be able to load the module. Try this first:

moremagic:~# cat /proc/filesystems
 ext2
 minix
nodev proc
 vfat
nodev autofs
nodev nfs
        iso9660

If you don't see iso9660, you should have an isofs module (unless you recompiled your own kernel). If typing insmod isofs and then mounting your CD-ROM works, your problem may be that kerneld isn't running. Try:

moremagic:~# ps auxww | grep kernel[dD]
root 38 0.0 0.3 756 364 ? S 01:15 0:00 /sbin/kerneld

If kerneld is not there, you will need to start it yourself. —Marc Merlin, marc.merlin@magic.metawire.com

LJ Archive