July 2002 - openSUSE Security - openSUSE Mailing Lists

SuSEfirewall2 , pptp, and port forwarding
by Robert Fenney 26 Jul '02

26 Jul '02

Has anyone gotten PopTop pptp working with SuSEfirewall2? I and make the connection but nothing is getting through and my head is getting a little sore from pounding it on the wall! Also does anyone have an example of forwarding pcAnywhere ports to a system behind SuSEfirewall2? For some reason I can't get it working. Thanks! P.S. I know about FreeSwan and can't use it for this project.

2 2

configuration issue with seccheck
by oliver.z 25 Jul '02

25 Jul '02

Dear list I installed via rpm ( seccheck-2.0-140.rpm) seccheck. I read the README for seccheck but it is not clear how to install in a right way. I found the scripts in /var/lib/secchk/... and I can run all of them manually. But I want that the system run them automatically. Do I have to change something in cron.daily or in crontab? I changed already to START_SECCHK="no" in /etc/rc.config, but nothing happened! When I run the script with ./security-daily.sh manually, then check the script only user in the trusted group and not root or other user! He should even check root! And the script mentioned nothing when I have a password with less then 8 characters!!! Can seccheck write any logs or only mail? thanks for any help Oliver

2 1

relaying denied fixed
by Miguel Albuquerque 25 Jul '02

25 Jul '02

hi, Hi, I figured out that forwarding mail to smtp-backdoor overrides sendmail access.db and some FEATURES for control relaying (is that possible?) or I missed something. The solution was adding the ip-address in etc/avgate.acl wich doesn't satisfy me much since sendmail provides more precise tuning. I tryed piping mail thru sendmail insted of forwarding but there isn't too much of a change, I still could trash etc/mail/access. How can I fix this and still enable rejection of mail based on the RBL? Greetings -- .-. Basilinfo Sàrl /v\ We Run SuSE Network Systems Web Content Management // \\ *The LINUX Experts* c/o Miguel Albuquerque /( )\ 13, Pré-de-la-Fontaine ^^-^^ 1217 Meyrin, SWITZERLAND Tel: +41 (22) 782 5344 Fax: +41 (22) 782 5348 mailto:mfoacs@e-workshop.ch http://www.basilinfo.com

1 0

Re: [suse-security] Location of yast config files (Slightly OT)
by Markus Gaugusch 25 Jul '02

25 Jul '02

According to http://sdb.suse.de/en/sdb/html/yast2_pakete_installieren.html you have to do hwscan --cdrom to fix the problem -- __________________ /"\ Markus Gaugusch \ / ASCII Ribbon Campaign markus(a)gaugusch.at X Against HTML Mail / \

3 2

Location of yast config files (Slightly OT)
by Stefan Suurmeijer 25 Jul '02

25 Jul '02

Hi list, can anyone tell me where Yast stores hardware settings? I moved my cdrom from /dev/hdb to /dev/hdc. Unfortunately, yast keeps looking for hdb to install software from. I've manually copied the files I needed and installed them, but in the future it would be nice to know where to look for the config files. I saw a CDrom entry in /var/lib/YaST2/install.inf, but changing that doesn't appear to work. TIA Stefan

4 4

RE: [suse-security] unable to connect via ssh-fixed
by oliver.z 25 Jul '02

25 Jul '02

I found the problem. My client (due dhcp) was not include in the allow.deny file. Almost to simple to be true... thanks Oliver >===== Original Message From "Sven 'Darkman' Michels" <sven(a)darkman.de> ===== >Oliver Ziltener wrote: >> Dear list >> >> This is not directly a security question, but the technologie what I use >> comes from the security area. >> So I hope somebody can support me from this list. >> After a clean shutdown (due maintanence at the 230V system) of the system, >> it was not possible to connect again via ssh. >> And of course afew days before was ssh working perfect. I can see in the >> sniffer files that the tcp 3 way handshake is working fine, but afterwards I >> get a timeout. No information in any logfiles about ssh failure. >> I use on a win a putty-client. The ssh daemon is running. >> I use suse 8.0 with susefirewall2. The system response to port 22 (checked >> with nmap) >> And I have physically access to the system. >> Has anybody an idea how to fix that? > >try ssh -P [otheroptions] host > >Sven > > > >-- >To unsubscribe, e-mail: suse-security-unsubscribe(a)suse.com >For additional commands, e-mail: suse-security-help(a)suse.com >Security-related bug reports go to security(a)suse.de, not here

1 0

RE: [suse-security] unable to connect via ssh
by oliver.z 25 Jul '02

25 Jul '02

Hey Sven from another system: ssh -P <ip-address> ssh_exchange_identification: connection closed by remote host ssh -P <local ip address> ssh_exchange_identification: connection closed by remote host ssh -P localhost Then he ask me the system to add localhost permanently and show me the rsa fingerprint. Where is this hostlist? I said yes, but the system doesn't recognize any password. Then ssh -P -l userX localhost >>works perfect And I found in the warn.log messages from sshd: refused connect from ::ffff:<ip_addr> I use openssh3.4p1 is the perhaps a lifetime for the sshkeys? thanks Oliver >===== Original Message From "Sven 'Darkman' Michels" <sven(a)darkman.de> ===== >Oliver Ziltener wrote: >> Dear list >> >> This is not directly a security question, but the technologie what I use >> comes from the security area. >> So I hope somebody can support me from this list. >> After a clean shutdown (due maintanence at the 230V system) of the system, >> it was not possible to connect again via ssh. >> And of course afew days before was ssh working perfect. I can see in the >> sniffer files that the tcp 3 way handshake is working fine, but afterwards I >> get a timeout. No information in any logfiles about ssh failure. >> I use on a win a putty-client. The ssh daemon is running. >> I use suse 8.0 with susefirewall2. The system response to port 22 (checked >> with nmap) >> And I have physically access to the system. >> Has anybody an idea how to fix that? > >try ssh -P [otheroptions] host > >Sven > > > >-- >To unsubscribe, e-mail: suse-security-unsubscribe(a)suse.com >For additional commands, e-mail: suse-security-help(a)suse.com >Security-related bug reports go to security(a)suse.de, not here

2 1

Weird problem with sendmail on SuSE Linux w/OE 6.0- cannot forward email.
by Andrew Lietzow 24 Jul '02

24 Jul '02

Dear SuSE wizards, I don't know if this is a problem with sendmail, the access.db, my /etc/hosts.allow, some security settings, the network hubs, Linux, or just what... The problem: The client has a small network with two servers, both with dedicated IP addresses. The first server is a Novell Server. The second is the SuSE 7.3 server whose main mission in life is to run sendmail. It works flawlessly, except for one small problem--two users on the second floor cannot forward email messages. (the mail clients are OE 6.0 with a POP3 connection). There are three ethernet hubs, call them A, B, and C. A connects the two servers, with a line that goes to B. B accepts network connections from all users on the 1st floor. This hub has one cable that goes to hub C on the second floor. I am including this because, if I bring a computer that is attached to hub C on the second floor to a station that plugs directly into B, I can forward email and it works just fine. All other network access functions work just fine. The error message is a Time-out from the SMTP server and OE asks if they want to wait for 60 seconds longer. I will add that if I telnet to the SMTP port when I am connected to hub C, mail.server.org replies with a helo to smtp.server.org. When I move the PC to connect to Hub B, I a helo to that same smtp.server.org. The unit with that domain name (smtp.server.org) is the Novell server which acts as the gateway to the internet. It should NOT be necessary for this server to act as a gateway to the smtp server. This is probably a lot more detail than is required, but how can I go about troubleshooting why these two workstations cannot forward mail? (they send and receive just fine. When we attempt to forward, there is NO message generated in the /var/log/messages or /var/log/mail that I can find. Weird. I have swapped hubs but that yield no differences. I swapped hubs because this problem did not crop up until a previous hub "C" was damaged by water. When I swapped that hub out for a new one, that seems to be when this problem started. Only the two people that are plugged into this new hub have the cannot forward problem. I tried another hub just because this seems like the only variable that could be the offending variable. Any hints on what I could try next? I am stumped! -- Andrew Lietzow The ACL Group, Inc.

1 0

php
by Bryan Smith 24 Jul '02

24 Jul '02

Reading through the archives it looks like the php 4.1 shipping with 8.0 is mute to current php issues (from file upload to current POST issues). However, will a 4.2.2 rpm be available anytime soon? Thanks, -Bryan

1 0

Re:relaying denied
by Miguel Albuquerque 24 Jul '02

24 Jul '02

I'm using sendmail 8.12.3, Suse 8.0. Sendmail listens on smtp-backdoor 825 (avmailgate and stuff). I've been looking all the config files, mostly unchanged and correct. I've noticed something strange in the log, when I check my mail it seems that my client doesn't login as others do. Jul 24 19:56:55 ns avgated[11934]: connection from [129.194.124.141] Jul 24 19:56:55 ns avgated[11934]: Relaying denied for rcpt albuque0(a)etu.unige.ch Jul 24 19:56:57 ns avgated[11934]: connection to [129.194.124.141] closed I'm using named BIND version 9.1. If I send mail with my webmail interface there is no prob... Thnx ---- .-. Basilinfo Sàrl /v\ We Run SuSE Network Systems Web Management // \\ *The LINUX Experts* c/o Miguel Albuquerque /( )\ Av. Miremont 46 ^^-^^ 1202 - GE, SWITZERLAND Tel: +41 (22) 782 5344 Fax: +41 (22) 782 5348 mailto:mfoacs@e-workshop.ch http://www.basilinfo.com

2 1