My current network is a hybrid of the below A and B and also not yet
finished. I suppose it is most like B with the firewall and router
split in two boxes and the router only having one NIC. The plan is to
get to Picture A and build the honeypot at some later time. You do
bring up a good point about the bypassing of the router. This is
addressed with iptables on the firewall. It will only allow outgoing
traffic from the router. The only way to the firewall is the console or
ssh from the router. Also the fw is a 166 (I know that's overkill for a
basic Linux firewall). The router runs internal dhcp and dns, external
and internal webservers and email and imap and squid. They will all be
split if the scalability is needed. For now, they all have cname aliases
so the hostnames are at least unique.
Actual topology:
+----------+
| internet |
+----------+
     |
     |  firewall
+------------+
|  10.1.1.1  |
+------------+
     |
     |
+-----------+
| 10.1.1.2  |  router
|           |  (one nic)
+-----------+
     |
     |
+----------+
| localnet |  (switch 2)
+----------+
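The iptables policy described above (forward outgoing traffic only when it comes from the router, and accept ssh to the firewall only from the router) can be written down as a small rule generator. The script below is an added example, not the poster's own ruleset: it takes the addresses from the post (firewall 10.1.1.1, router 10.1.1.2) but the interface names eth0 (toward the cable modem) and eth1 (toward the router) are assumptions, since the thread never names them. The rules are printed rather than applied, so they can be reviewed first and then run on the firewall with `fw_rules | sh`; `fw_forward_verdict` walks the generated FORWARD chain the way the kernel would for a new flow, so you can confirm that a host which points its default route straight at 10.1.1.1 is dropped.

```shell
#!/bin/sh
# Added example (not from the thread). Firewall policy for the two-box
# layout above: the router at 10.1.1.2 is the only host allowed through
# the firewall and the only host allowed to ssh to it.
FW_OUTSIDE_IF="eth0"    # assumed name of the NIC toward the cable modem
FW_INSIDE_IF="eth1"     # assumed name of the NIC toward the router/localnet
ROUTER="10.1.1.2"       # the router's single NIC, as given in the post

# Print the ruleset. Order matters: the anti-spoof drops come before the
# state rule so a forged packet from outside can never ride on conntrack.
fw_rules() {
    cat <<EOF
# default deny; only the explicit rules below pass traffic
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
# anti-spoof: nothing claiming the router's address may arrive on the outside NIC
iptables -A INPUT -i $FW_OUTSIDE_IF -s $ROUTER -j DROP
iptables -A FORWARD -i $FW_OUTSIDE_IF -s $ROUTER -j DROP
# loopback and replies to flows the firewall already knows about
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
# management: ssh to the firewall only from the router (the console is the other way in)
iptables -A INPUT -i $FW_INSIDE_IF -s $ROUTER -p tcp --dport 22 -j ACCEPT
# outgoing traffic is forwarded only when it comes from the router, so a LAN
# host that bypasses the router and routes straight to 10.1.1.1 gets nothing
iptables -A FORWARD -i $FW_INSIDE_IF -o $FW_OUTSIDE_IF -s $ROUTER -j ACCEPT
iptables -t nat -A POSTROUTING -o $FW_OUTSIDE_IF -j MASQUERADE
EOF
}

# Decide what the generated FORWARD chain does with a *new* flow from SRC
# arriving on IN_IF and leaving on OUT_IF: first matching -A rule wins,
# otherwise the chain policy. State rules never match a new flow here.
fw_forward_verdict() {
    src=$1; in_if=$2; out_if=$3
    hit=$(fw_rules | grep '^iptables -A FORWARD ' | while read -r line; do
        case "$line" in *"-m state"*) continue ;; esac
        r_in=$(printf '%s\n' "$line"  | sed -n 's/.* -i \([^ ]*\).*/\1/p')
        r_out=$(printf '%s\n' "$line" | sed -n 's/.* -o \([^ ]*\).*/\1/p')
        r_src=$(printf '%s\n' "$line" | sed -n 's/.* -s \([^ ]*\).*/\1/p')
        [ -z "$r_in" ]  || [ "$r_in" = "$in_if" ]   || continue
        [ -z "$r_out" ] || [ "$r_out" = "$out_if" ] || continue
        [ -z "$r_src" ] || [ "$r_src" = "$src" ]    || continue
        printf '%s\n' "$line" | sed -n 's/.* -j \([^ ]*\).*/\1/p'
        break
    done)
    if [ -n "$hit" ]; then
        echo "$hit"
    else
        fw_rules | sed -n 's/^iptables -P FORWARD //p'
    fi
}
```

Review the output of `fw_rules` on the firewall console before piping it into `sh`; `fw_forward_verdict 10.1.1.30 eth1 eth0` should answer DROP for any host other than the router, and `fw_forward_verdict 10.1.1.2 eth0 eth1` should answer DROP for a packet that spoofs the router's address from the outside.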
===========
If the firewall is compromised there is no way to
prevent any computer connected to any network that has
internet access from being attacked no matter how
elegant your network design. I find that it is better
to use a simple network plan from a
safe-yourself-headaches perspective.
I much prefer this type of set up
+----------+
| internet |
+----------+
     |
     |  firewall               honeypot
+------------+            +-----------+
|  10.1.1.1  | ---------- | 10.1.1.10 |  (switch 1)
+------------+            +-----------+
     |
     |
+-----------+
| 10.1.1.2/ |  router
| 172.1.1.1 |  (two nics)
+-----------+
     |
     |
+----------+
| localnet |  (switch 2)
+----------+
Picture A
However, I do not have a honeypot currently and hence
no need to separate the firewall and router, thus
negating the need for two switches. Also, I use my
firewall/router as the gateway so one of the two nics
has a real world ip and the other is to the local lan.
From what I can see of the network here described the
firewall is the gateway to the internet, but there is
something missing from the description. I see the
router as a useless box on the network and any pc
connected to the network can bypass the router and
route directly through the firewall.
This is the network I see described.
(internet) ---- (cablemodem)
                     |
                     |
              [ real ip addr ]
             (gateway/firewall?)
                 [10.1.1.1]
                     |
       ______________|______________
       |             |             |
   10.1.1.30     10.1.1.10     10.1.1.2
    host 1        host 3        host 2
                               (router)
Picture B
Now an intelligent ip protocol will bypass the router
once it has found the gateway, so traffic only goes
through the router the first time. Correct me if I'm
wrong in any of this. I don't see the internet gateway
in the description of the LAN anywhere, so I've
assumed that the firewall is the gateway. I see only
the firewall with a local address connected to the
cable modem, which I don't think will work the way
described. Something here has to be connected to two
networks (LAN & internet).
Brian JD