Subject: Linux-Misc Digest #161
From: Digestifier <Linux-Misc-Request@senator-bedfellow.MIT.EDU>
To: Linux-Misc@senator-bedfellow.MIT.EDU
Reply-To: Linux-Misc@senator-bedfellow.MIT.EDU
Date:     Mon, 23 May 94 18:13:13 EDT

Linux-Misc Digest #161, Volume #2                Mon, 23 May 94 18:13:13 EDT

Contents:
  Linux Journal #2 Anybody get theirs yet? (Vincent Cocco)
  Good Linux CD (Gary Williams)
  Basic Linux/UUCP problem - finding systems (Jim Sims)
  Re: URGENT: Linux Security Fixes -CERT Advisory! (Eric Kimminau)
  Re: A good NFS server ? (Amancio Hasty Jr)
  Q: Best video? (Anthony L. Kimball)
  Just Computers (Chang-Hsun Jon Huang)
  MAEstro under Linux ? (Carlos Contreras Bizama)
  book the linux (Carlos Contreras Bizama)
  Re: Beware: Just Computers (Randy Just)
  problems with slip/dip and route. (Kristian Mowinckel)

----------------------------------------------------------------------------

From: cocco@misty.suffolk.edu (Vincent Cocco)
Subject: Linux Journal #2 Anybody get theirs yet?
Date: 23 May 94 18:38:05 GMT

I don't know about everyone else who subscribed at the BCS MegaMeeting
at UMASS Boston but I'm still waiting on My Linux Journal Mag.  I got
the cancelled check a while ago but still no issue.  
Anybody get theirs yet?

Vin Cocco
Suffolk University


------------------------------

From: williams@secorner.cen.encompass.com (Gary Williams)
Subject: Good Linux CD
Reply-To: williams@cen.encompass.com
Date: Mon, 23 May 1994 18:03:14 GMT

I've seen several questions about good CD Linux distributions, so I  
thought I'd throw in my $.02 on the subject.  I've been following the  
Linux news groups for some time, and read several of the HOWTO's.  I  
finally took the plunge, and ordered the Trans-Ameritech CD.  It seemed to  
have the best variety of options.  I installed it this past weekend, and  
it went flawlessly.  I even rebuilt the kernel, and didn't have any  
problems at all.  The installation program did just about everything for  
me.  I installed the Slackware release, with just about all the options  
(for development).  I haven't done too much yet, but I'm very pleased with  
the job Trans-Ameritech did with their distribution.  BTW, I don't  
represent TA in any way but as a satisfied customer.


==========================================================================
      Gary D. Williams                          (919) 460-3283
      113 Edinburgh S.                          williams@cen.encompass.com
      Suite 200
      Cary, NC 27511
==========================================================================

------------------------------

From: sims@scra.org (Jim Sims)
Crossposted-To: comp.mail.uucp
Subject: Basic Linux/UUCP problem - finding systems
Date: 23 May 1994 13:07:23 -0500

 I'm trying to get uucp up on the March 1.02 release of Linux, but it
doesn't find my Systems entries. I have machines in
/usr/lib/uucp/Systems, but uuname -a doesn't give me anything and
trying uucico to one of the machines there errors out, unable to find
the system entry.

 I tried copying the Systems file to L.sys, but that didn't help
 either....

 Any ideas? This must be something _really_ basic; I don't have this
problem on the Sparc box next to the Linux box....

 Please reply by email to sims@scra.org

thanks,
jim

------------------------------

From: ekimmina@pms709.pms.ford.com (Eric Kimminau)
Subject: Re: URGENT: Linux Security Fixes -CERT Advisory!
Date: 23 May 1994 18:02:32 GMT

> It is worth to note (as posted earlier) that AIX systems, for instance
> are also affected.

From cert-advisory@cert.org Mon May 23 13:21:27 1994
Date: Mon, 23 May 94 11:00:22 EDT
From: CERT Advisory <cert-advisory@cert.org>
To: cert-advisory-request@cert.org
Subject: CERT Advisory CA-94:09.bin.login.vulnerability

==============================================================================
CA-94:09                         CERT Advisory
                                 May 23, 1994
                            /bin/login Vulnerability
==============================================================================

The CERT Coordination Center has learned of a vulnerability in
/bin/login.  This vulnerability potentially affects all IBM AIX 3 
systems and Linux systems.  At this time, we believe that only 
IBM AIX 3 and Linux systems are at risk.

Included with this advisory is an appendix containing the
CA-94:09.README, which lists the vendors who have responded to our
inquiries, and the status of their investigation into this
vulnerability report.  As we receive additional information relating
to this advisory, we will place it, along with any clarifications, in
the README file, available via anonymous FTP from info.cert.org.  We 
encourage you to check the README files regularly for updates on
advisories that relate to your site.  

==============================================================================

I.   Description of IBM AIX vulnerability

     A vulnerability exists in /bin/login on all IBM AIX 3 systems.

II.  Impact of IBM AIX vulnerability

     Remote users can obtain unauthorized root access on the affected
     hosts. 

III. Solution for IBM AIX vulnerability

     IBM is working on an official fix, which is still under
     development.  The reference number for this fix is APAR IX44254.
     Until you obtain the official fix from IBM, we encourage you to
     apply the workaround or install the emergency fix below.

        A. Workaround

           The recommended workaround is to disable the rlogin daemon:

           1. As root, edit /etc/inetd.conf
              Comment out the line 'login ... rlogin'
           2. Run 'inetimp'
           3. Run 'refresh -s inetd'

        B. Emergency fix 

           The emergency fix for the different levels of AIX 3
           affected by this vulnerability is available via anonymous
           FTP from software.watson.ibm.com:/pub/rlogin/rlogin.tar.Z.
           Installation instructions are included in the README file
           (which is included in rlogin.tar.Z).

           Checksum information for rlogin.tar.Z:
              BSD:      25285   317
              SystemV:  13021 633 rlogin.tar.Z
              MD5:      MD5 (rlogin.tar.Z) = 803ee38c2e3b8c8c575e2ff5e921034c

        C. Official fix 

           The official fix for this problem can be ordered as 
           APAR IX44254. 

           To order an APAR from IBM in the U.S., call 1-800-237-5511 
           and ask IBM to ship it as soon as it is available.
           According to IBM, this fix will be available in
           approximately two weeks.  APARs may be obtained outside the
           U.S. by contacting your local IBM representative.  


IV.  Description of Linux vulnerability

     A vulnerability exists in /bin/login for Linux systems.

V.   Impact of Linux vulnerability

     Any user, remote or local, can obtain unauthorized root access on
     the affected hosts.

VI.  Solution for Linux vulnerability

     A patch that addresses the remote access problem has been made
     available via anonymous FTP from sunsite.unc.edu: 

          /pub/Linux/system/Network/sunacm/URGENT/README.security
          /pub/Linux/system/Network/sunacm/URGENT/security.tgz

     The "security.tgz" file includes other security fixes in addition
     to the /bin/login patch. 

     Checksum information for README.security:
          BSD:      09575     1
          SystemV:  20945 1 README.security
          MD5:      MD5 (README.security) = 41d14d7b8725c7a1015adeb49601619b

     Checksum information for security.tgz:
          BSD:      32878   257
          SystemV:  40797 513 security.tgz
          MD5:      MD5 (security.tgz) = dd4585cf4da1b52d25d619bf45f55b75

     To address the local access problem, we encourage you to install
     a version of /bin/login that does not allow the -f option in the
     form "-f<user>", but only allows this option in the form 
     "-f <user>", as two arguments.  At this time, we do not know
     which versions of login.c are vulnerable.  As we receive
     additional information, we will update the CA-94:09.README file.
     Again, we encourage you to check this README file regularly for
     updates.

============================================================================
The CERT Coordination Center wishes to thank Axel Clauberg of
University of Cologne for reporting the IBM AIX problem, and 
IBM for their assistance in responding to this problem.
============================================================================

If you believe that your system has been compromised, contact the CERT
Coordination Center or your representative in Forum of Incident
Response and Security Teams (FIRST).

If you wish to send sensitive incident or vulnerability information to
CERT via electronic mail, CERT strongly advises that the e-mail be
encrypted.  CERT can support a shared DES key, PGP (public key
available via anonymous FTP on info.cert.org), or PEM (contact CERT
for details).

Internet E-mail: cert@cert.org
Telephone: 412-268-7090 (24-hour hotline)
           CERT personnel answer 8:30 a.m.-5:00 p.m. EST(GMT-5)/EDT(GMT-4),
           and are on call for emergencies during other hours.

CERT Coordination Center
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA 15213-3890
USA

Past advisories and their associated README files, information about
FIRST representatives, and other information related to computer
security are available for anonymous  FTP from info.cert.org. 


---------------------------------------------------------------------=========
Appendix

CA-94:09.README

This file is a supplement to the CERT Advisory
CA-94:09.bin.login.vulnerability of May 23, 1994, and will be updated
as additional information becomes available. 

We have received feedback from these vendors, who indicated that their
products are not vulnerable: 

     Amdahl
     Apple 
     BSD   
     BSDI  
     Harris
     HP    
     Motorola 
     NeXT     
     Pyramid  
     SCO      
     SGI      
     Solbourne
     Sony     
     Sun      

CERT has verified that the following vendor products are not vulnerable:

     Free BSD 

We have received feedback from these vendors, who have made patches
available to address the /bin/login vulnerability:

     IBM
       workaround:       see Section III. Solution for IBM AIX
                         vulnerability A. Workaround of CERT advisory
                         CA-94:xx 
       emergency patch:  software.watson.ibm.com:/pub/rlogin/rlogin.tar.Z
       Official patch:   APAR IX44254

     Linux  
       patch:  sunsite.unc.edu:/pub/Linux/system/Network/sunacm/URGENT/*





-- 
Eric Kimminau                       Workstation Systems Department
313-322-3431                        Product & Manufacturing Systems
ekimmina@pms709.pms.ford.com        Ford Motor Co.
Planning and Implementation         "Not an official Ford Spokesperson"
TIP#111
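
The argument check recommended in section VI of the quoted advisory, as an added example (not part of the original post, and not code from CERT or from any login.c): a hand-written parser that honours `-f` only as two arguments and refuses the attached form. The struct, the function names and the `-p` flag handled alongside `-f` are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Parsed login-style command line (hypothetical struct for this example). */
struct login_opts {
    const char *preauth_user;  /* from "-f <user>", else NULL */
    const char *login_name;    /* optional positional user name */
    int preserve_env;          /* "-p" seen */
};

/* An option value must exist, be non-empty and not look like an option. */
static int usable_value(const char *s)
{
    return s != NULL && s[0] != '\0' && s[0] != '-';
}

/*
 * Parsed by hand rather than with getopt(3), because getopt accepts
 * "-fuser" and "-f user" alike. Returns 0 if accepted, -1 if refused.
 */
int parse_login_args(int argc, char *const argv[], struct login_opts *o)
{
    memset(o, 0, sizeof *o);
    for (int i = 1; i < argc; i++) {
        const char *a = argv[i];
        const char *next = (i + 1 < argc) ? argv[i + 1] : NULL;

        if (a[0] != '-') {                    /* positional login name */
            if (o->login_name != NULL || a[0] == '\0')
                return -1;
            o->login_name = a;
        } else if (strcmp(a, "-p") == 0) {
            o->preserve_env = 1;
        } else if (strcmp(a, "-f") == 0) {    /* exactly "-f"; value is next */
            if (o->preauth_user != NULL || !usable_value(next))
                return -1;
            o->preauth_user = next;
            i++;
        } else {
            /* Covers "-f<user>", bundles such as "-pf", and unknown options. */
            return -1;
        }
    }
    /* Added policy (assumption): "-f <user>" plus a second name is refused. */
    return (o->preauth_user && o->login_name) ? -1 : 0;
}

/* Convenience for callers: the -f user, or NULL if absent or refused. */
const char *preauth_user_for(int argc, char *const argv[])
{
    struct login_opts o;
    return parse_login_args(argc, argv, &o) == 0 ? o.preauth_user : NULL;
}

int main(void)
{
    char *ok[]  = { "login", "-f", "alice" };   /* constructed sample */
    char *bad[] = { "login", "-falice" };       /* constructed sample */
    printf("two-argument form: %s\n", preauth_user_for(3, ok) ? "accepted" : "refused");
    printf("attached form:     %s\n", preauth_user_for(2, bad) ? "accepted" : "refused");
    return 0;
}
```

The parser only decides whether the command line is well-formed; whether the caller is entitled to use `-f` at all is a separate check that this example does not cover.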

------------------------------

Crossposted-To: comp.os.386bsd.misc,comp.unix.unixware,comp.unix.solaris
From: hasty@netcom.com (Amancio Hasty Jr)
Subject: Re: A good NFS server ?
Date: Mon, 23 May 1994 17:07:35 GMT

In article <Cq9Cp8.IEp@novell.co.uk> msohnius@novell.co.uk (Martin Sohnius) writes:
>Craig I. Hagan (hagan@opine.cs.umass.edu) wrote:
>: Martin Sohnius (msohnius@novell.co.uk) wrote:
>: > Alan Cox (iiitac@uk.ac.swan.pyr) wrote:
>: > : In article <Cq1HGz.8w1@hippo.ru.ac.za> csgr@cs.ru.ac.za writes:
>: > : >[.. something about Linux and freeBDS...]
>
>: > : [.. something else about Linux and something about BSD in general...]
>
>: > Hey, you guys,  this whole thread is degenerating into a little
>: > NFS-on-BSD discussion!
>
>: the point is to get people talking about what is a good nfs
>: server. since linux isn't the best, people who need the
>: best now should be aware of their options. people developing
>: for linux should know where to look for implementation ideas. 
>: If i remember right, *BSD got a lot of nifty ideas
>: from linux already (and vice versa), isn't that the point
>: of free software and competition (even if it is friendly)?
>: I like having multiple free os's for the pc. it allows
>: [ .. etc...]
>
>The problem I was addressing is that this stuff is being CROSSPOSTED
>to comp.unix.unixware.  Now, UnixWare is most definitely NOT a 
>free operating system, and therefore has about the best NFS support
>imaginable. :-)  (I think it originates from Sun, through the old
>AT&T + Sun agreement.)
>

I don't mind to sound hard but isn't your statement a bit arrogant and
ignorant. Corporate hype serves its purpose inside your company.


Care to back up your statement with some hard facts?

At any rate, I doubt that you will post back. 

        Later,
        Amancio
-- 
FREE unix, gcc, tcp/ip, X, open-look, netaudio,  tcl/tk, MIME, midi,sound
at  freebsd.cdrom.com:/pub/FreeBSD
Amancio Hasty,  Consultant |
Home: (415) 495-3046       |  
e-mail hasty@netcom.com    |  ftp-site depository of all my work:    
                           |  sunvis.rtpnc.epa.gov:/pub/386bsd/X

------------------------------

From: alk@et.msc.edu (Anthony L. Kimball)
Subject: Q: Best video?
Date: 23 May 1994 17:35:26 GMT

What is the highest quality video configuration which is
supported by readily available linux software?  I am
considering the purchase of a PC, but only if I can meet
certain minimum standards of X11 performance.  I would
like 1280x1024 resolution, but I imagine 1024x768 is
marginally workable.  What is the minimum hardware
configuration which can support high resolution at
good performance, say on par with an m68030 Xterminal?


------------------------------

From: ch5372@eehpx15 (Chang-Hsun Jon Huang)
Subject: Just Computers
Date: 23 May 1994 18:25:39 GMT

First of all, I am truly sorry that my post has ill effected
Just Computers, but not Mark Brownsen.  Please disregard my
suggestion to boycott Just Computers.  I benefit from the ease 
of CD-Rom linux, too. 
  But, please don't think that Mark Brownsen and his post is fictitious.
You can read the original posting on alt.chinese.text (as Randy already
discovered).
  Randy, I regret that my posting has any negative effect on your company.
It is the following lines that made me conclude that Mark Brownsen is a part 
of your company:

~From: bigredd@justcomp.com (Mark Brownsen)
~Subject: Island of theives:Taiwan
Message-ID: <6BDNmc1w165w@justcomp.com>
Organization: Just Computers!  Voice 707/769-1648  BBS 707/765-1431
 
----
and
======

========================================================================
This message is brought to you by Just Computers!, resellers of CD-ROMs
      LINUX on CD-ROM, source code, libraries, etc at Great Prices!
********  Send e-mail to info@justcomp.com for more information ********

==========
There is no disclaimer!! I understand that the above lines may 
be important as an advertisement, but also it becomes a liability.


My apology to Just Computers,

Jon Huang
 




------------------------------

From: ccontrer@aguila.dpi.udec.cl (Carlos Contreras Bizama)
Subject: MAEstro under Linux ?
Date: Mon, 23 May 1994 20:27:46 GMT


Hi, wrote Carlos Contreras B.

Please I hope to know if it is possible to install in my computer the 
 MAEstro with Linux. It contains the following:

- 486/DX2 66Mhz
- Matsushita CD-ROM CR-563-x
- SoundBlaster 16 ASP
- VideoBlaster
- 8 M RAM 
- 234 M Hard Disk ( approx. 217 M /dev/hda1 ; 16 M the swap. )
- Linux Slackware 1.2.0
- gcc/g++ 2.5.8
- Xview 3.2

 What are the instructions ?
 Please be as clear as you can in your instructions about the configuration.

P.S. : Excuse my English please it speak very although say :-))

    E-mail : ccontrer@aguila.dpi.udec.cl  or,
                                         ccontrer@halcon.dpi.udec.cl

Thanks for any help.
bye ( Carlos ).

------------------------------

From: ccontrer@aguila.dpi.udec.cl (Carlos Contreras Bizama)
Subject: book the linux
Date: Mon, 23 May 1994 20:35:38 GMT


Hi. wrote Carlos Contreras B.

        Please I want to know if there is any documentation about Linux, a book
would be better ( as the Andrew S. Tanenbaum's publication "Operating Systems:
Design and Implementation", the subject of this book is mainly about Minix ).
It details :

- Processes's Planification.
- Input/Output ( RAM disk, disk, clocks and terminals).
- Memory management.
- Files Systems.

        Is there any other book different from The Linux Kernel Hacker's Guide, by
  Michael Johnson ? 


Thanks for any help.

P.S. : Excuse my English please it speak very although say :-))

bye ( carlos ).
        
 E-mail : ccontrer@aguila.dpi.udec.cl  or,
                                  ccontrer@halcon.dpi.udec.cl
        

------------------------------

From: rjust@crl.com (Randy Just)
Subject: Re: Beware: Just Computers
Date: 23 May 1994 12:06:43 -0700

Randy Just (rjust@crl.com) wrote:
: Chang-Hsun Jon Huang (ch5372@eehpx3) wrote:

: We have tried to contact the above individual, but the e-mail is bouncing.
: Can someone please supply a valid e-mail address for the above?  Thanks.

: Randy Just
: Just Computers!
: rjust@justcomp.com OR rjust@crl.com

The following message has been posted by Jon Huang:


From nntp.crl.com!barrnet.net!agate!howland.reston.ans.net!vixen.cso.uiuc.edu!eehpx15!ch5372 Mon May 23 12:04:56 1994
Path: nntp.crl.com!barrnet.net!agate!howland.reston.ans.net!vixen.cso.uiuc.edu!eehpx15!ch5372
From: ch5372@eehpx15 (Chang-Hsun Jon Huang)
Newsgroups: comp.os.linux.misc
Subject: Just Computers
Date: 23 May 1994 18:25:39 GMT
Organization: University of Illinois at Urbana
Lines: 37
Message-ID: <2rqsf3$paa@vixen.cso.uiuc.edu>
NNTP-Posting-Host: eehpx15.cen.uiuc.edu

First of all, I am truly sorry that my post has ill effected
Just Computers, but not Mark Brownsen.  Please disregard my
suggestion to boycott Just Computers.  I benefit from the ease 
of CD-Rom linux, too. 
  But, please don't think that Mark Brownsen and his post is fictitious.
You can read the original posting on alt.chinese.text (as Randy already
discovered).
  Randy, I regret that my posting has any negative effect on your company.
It is the following lines that made me conclude that Mark Brownsen is a part 
of your company:

~From: bigredd@justcomp.com (Mark Brownsen)
~Subject: Island of theives:Taiwan
Message-ID: <6BDNmc1w165w@justcomp.com>
Organization: Just Computers!  Voice 707/769-1648  BBS 707/765-1431
 
----
and
======

========================================================================
This message is brought to you by Just Computers!, resellers of CD-ROMs
      LINUX on CD-ROM, source code, libraries, etc at Great Prices!
********  Send e-mail to info@justcomp.com for more information ********

==========
There is no disclaimer!! I understand that the above lines may 
be important as an advertisement, but also it becomes a liability.


My apology to Just Computers,

Jon Huang
 





------------------------------

From: nfykw@alf.uib.no (Kristian Mowinckel)
Crossposted-To: comp.os.linux.admin,comp.os.linux.help
Subject: problems with slip/dip and route.
Date: 23 May 1994 20:42:40 GMT

I have tried to get slip/dip to work again, but failed.
I replaced dip-3.3.7 with dip-3.3.7.lilo, but nothing changed.
Last time somebody mailed me and mentioned something about route.
Does somebody have any clue?
I'm using slackware 1.2.0 with linux 1.0


Greetings from,


Kristian August Mowinckel


host.conf :
order bind,hosts
multi on 

hosts :
127.0.0.1       localhost
129.177.137.42          nfy1.slip.uib.no nfy1
129.177.9.10    taxus.uib.no taxus
129.177.137.1   router gateway            

networks :
loopback        127.0.0.0
localnet        129.177.137.0        

ifconfig gives :
lo        Link encap Local Loopback
          inet addr 127.0.0.1  Bcast 127.255.255.255  Mask 255.0.0.0
          UP LOOPBACK RUNNING  MTU 2000  Metric 1
          RX packets 0 errors 0 dropped 0 overrun 0
          TX packets 0 errors 0 dropped 0 overrun 0

sl0       Link encap Serial Line IP
          inet addr 129.177.137.42  P-t-P 129.177.9.10  Mask 255.255.0.0
          UP POINTOPOINT RUNNING  MTU 512  Metric 1
          RX packets 0 errors 0 dropped 0 overrun 0
          TX packets 109 errors 0 dropped 0 overrun 0

route -nv gives :
Kernel routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
127.0.0.1       *               255.255.255.255 UH    0      0        0 lo
129.177.9.10    *               255.255.255.255 UH    0      0        0 sl0
default         129.177.9.10    *               UG    0      0        0 sl0

route gives :
Kernel routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
localhost       *               255.255.255.255 UH    0      0        0 lo
taxus.uib.no    *               255.255.255.255 UH    0      0       38 sl0
default         taxus.uib.no    *               UG    0      0        0 sl0

my dip script :
main:
  port cua1
  speed 2400

  get $local nfy1.slip.uib.no

  get $remote taxus.uib.no

  reset
  init ATZX4S50=0TS0=0

  send ATQ0V1E1X1M0\r
  wait OK 2
  if $errlvl != 0 goto error
  dial 55544038
  if $errlvl != 0 goto error
  wait CONNECT 60
  if $errlvl != 0 goto error

  get $mtu 512

  default

done:
  print CONNECTED to $remote with address $rmtip
  mode SLIP
  goto exit
error:
  print SLIP to $remote failed.
exit: 


------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: Linux-Misc-Request@NEWS-DIGESTS.MIT.EDU

You can send mail to the entire list (and comp.os.linux.misc) via:

    Internet: Linux-Misc@NEWS-DIGESTS.MIT.EDU

Linux may be obtained via one of these FTP sites:
    nic.funet.fi				pub/OS/Linux
    tsx-11.mit.edu				pub/linux
    sunsite.unc.edu				pub/Linux

End of Linux-Misc Digest
******************************
