[TAG] (forw) Re: (forw) Re: (forw) Re: lpr works for user not root in Basiclinux 2.1
keesan at grex.cyberspace.org
Mon Jan 29 09:41:13 MSK 2007
On Sun, 28 Jan 2007, Rick Moen wrote:
> Quoting Sindi Keesan (keesan at grex.cyberspace.org):
>>> _Obviously_ you don't read the whole thing. Looking up and
>>> understanding the options I cited would take you all of 15 minutes.
>> But I don't understand the words they are using to explain the concepts.
> [Rick reviews the manpage.]
> No, that objection really isn't reasonable. Quoting the options'
> -v: Increase verbosity level (use twice for more effect)
I understand this part.
> Show more detail.
> -sT (TCP connect() scan)
> TCP Connect() scan is the default TCP scan type when SYN scan
> is not an option.... This is the same high-level system
> call that web browsers, P2P clients, and most other
> network-enabled applications use to establish a connection.
I never heard of SYN or P2P. I have heard of TCP but don't understand it.
Is P2P the same as pointopoint used by PLIP?
> Test using the same TCP connection type most apps use.
> -sR (RPC scan)
> ...takes all the TCP/UDP ports found open and floods them
> with SunRPC program NULL commands in an attempt to
> determine whether they are RPC ports....
> So, adds a check for some particular -type- of connection (called
> "SunRPC" -- which happens to be, FYI, used primarily for NFS/NIS).
I never heard of any of this except NFS (something that lets you share
files between computers) and Sun (a type of hardware). I am rather fuzzy
about what a port is other than a number at the end of an IP address.
(I am not asking you for an explanation here, just pointing out why I
cannot make sense of the man pages).
> -O: Enable OS detection
> -oN ...: Output scan in normal... format....
> Where to log to, instead of just echoing to screen.
> -n ...: Never do DNS resolution....
> What IP I, in my particular case, was telling nmap to scan, at that
I still don't understand if I am supposed to be scanning my own system
from my own system or from somewhere else or not scanning my own system at
all - lots of apparently conflicting information from various people.
I spent about 15 minutes looking for my temporary IP number in my own
computer. It was not in dmesg. The online site provided it. I was rather
proud of myself for figuring out the local host IP number so I could scan
I do not have any formal computer training except a semester of Fortran
IV. I never had any reason to study TCP stuff before on my own. I am
teaching myself enough linux to do what I want it to do. I feel like I am
usually in way over my head. Our little distribution is friendly to
beginners. I contacted TAG when nobody in four years figured out why lpr
was not working for root, partly because I got an email a year or two ago
asking for new topics from people who had asked for help before, and I
could not find any answers on the web. You are overestimating my
abilities and experience.
> -sU (UDP scans)
> Nmap can help inventory UDP ports. UDP scan is activated
> with the -sU option.
> Finds UDP-oriented services.
I don't know what UDP is other than a word that shows up in dmesg near
> -sA (TCP ACK scan)
> ...is used to map out firewall rulesets, determining whether they
> are stateful or not and which ports are filtered.
Not if you don't know what an ACK or ruleset is or what stateful means or
what it means for a port to be filtered or what a port even is.
I have a vague idea what a firewall is because I was given instructions to
type two lines to create one when I was trying to go online with two
computers at the same time without a telnetd.
> Now, if you'd asked our help in interpreting results of such scans, that
> I could have respected. But saying "I can't deal with that" is
> difficult to respect.
I could give you a few sentences to translate from Turkish or Albanian
using an online dictionary if you want to know what it is like to be faced
with pages on pages of text full of words you don't know used for concepts
you know even less about. (I work as a translator and have studied both
languages). All you need to do is look up the words and teach yourself a
bit of grammar and hope you understand the subject matter enough to help
make sense of it all.
>> If I cannot scan from my own computer or while online, how do I scan?
> A second, network-wise "nearby" machine would be best. It could be
> something as simple as a borrowed PC running a Knoppix live CD,
> connected to yours via a crossover cable between the two machines'
> ethernet ports. _Or_ it could be a second dial-in machine connected to
> the same ISP point of presence, so that you have minimal circuitry
> between the machines.
Why would I want to use a live CD rather than two computers with the same
linux on them? I am not familiar with Knoppix and I do know how to use my
own linux to some degree. We have lots of old computers given to us by
friends who can't use them for the latest MS OS. The reason I wanted to
use lpr is because we are setting them up for friends and people on the
local freecycle list to use and most of them want to print from a browser
or wordprocessor, which I never needed to do in linux. Some of them have
had lots of problems with Windows viruses and spyware, etc, and are
willing to try linux instead.
I cannot dial into the ISP from two computers at the same time, if that is
what you are suggesting.
I can try to set up a firewall with ipchains and default gateway again
with crossover cable (if I can find my notes). And dial with the default
gateway. Is that what you meant by 'same ISP point of presence'?
I assign each computer an IP number with ifconfig to establish a local
network (after inserting network modules). The ISP assigns the computer I
dial with another IP number. Do I run a scan on the IP number assigned by
the ISP or the one I assigned to that same computer?
And what would I learn other than that I do not have any open ports
because I am not running any servers (unless a default gateway in my own
local network is a server of some sort)?
I will try to make some sense of the chapter in Running Linux.
I am afraid that you have overestimated my knowledge. I have similar
problems if I pronounce things properly and use the correct syntax in
another language - people talk back to me much too quickly with unfamiliar
Thanks for your time
Naten e mire (Albanian for 'good night' - it got to be 1:35 am here).
More information about the TAG