[TAG] (forw) Re: (forw) Re: (forw) Re: lpr works for user not root in Basiclinux 2.1
keesan at grex.cyberspace.org
Tue Jan 30 01:41:21 MSK 2007
On Mon, 29 Jan 2007, Rick Moen wrote:
> Quoting Sindi Keesan (keesan at grex.cyberspace.org):
>> I never heard of SYN or P2P. I have heard of TCP but don't understand it.
> For your purposes, it probably doesn't matter, right? You can look it
> up when you need to know. (I could explain, but have no reason to think
> you need that information right now.
I have Running Linux ver 3 and some day will find time to read more of it.
There is a chapter on networking.
>> Is P2P the same as pointopoint used by PLIP?
> In this context (the "-sT" option portion of the nmap manpage), "P2P"
> just meant peer-to-peer, a family of Internet applications.
>> I never heard of any of this except NFS (something that lets you share
>> files between computers) and Sun (a type of hardware). I am rather fuzzy
>> about what a port is other than a number at the end of an IP address.
> I'm sure you'll learn more when you need to learn more. My point is that
> you don't need to understand everything in the nmap manpage to know how
> to use it. It should suffice for you to understand that I mentioned
> three types of nmap scans you can do, and gave sample syntax for each:
> (1) a scan of "TCP"-type services, (2) a scan of "UDP"-type services,
> and (3) an "ACK" scan that test firewall rules.
Do I need to test firewalls when I don't have one? I set one up once
when using one computer as a gateway, following simple instructions.
Do I need a firewall if I am not running servers and use a modem?
TCP Transmission Control Protocol send packets that are acknowledged
UDP User Datagram Protocol
I found 30 pages online at www.yiluda.net/manual/linux/rute/node29.html,
of which the first 5 are semiunderstandable without a dictionary.
> You can use that information without knowing exactly what TCP is or what
> UDP is, just using the additional information (also readily
> comprehensible by novices from the quoted manpage portions) that
> TCP/IP-using applications generally divide between those using TCP
> connections and those using UDP connections.
>> (I am not asking you for an explanation here, just pointing out why I
>> cannot make sense of the man pages).
> And I'm saying that's nonsense.
>> I still don't understand if I am supposed to be scanning my own system
>> from my own system or from somewhere else or not scanning my own system at
>> all - lots of apparently conflicting information from various people.
> You're a bright guy. Figure it out.
I am not a guy.
> You already know that some network services, if enabled at all, are
> reachable only from the machine itself. This should point out to you
> the limited usefulness of scanning a machine from itself: It's a bit
> like twisting your house's doorknobs from _inside_ the house to
> determine whether or not your house is locked. You're not really
> seeking to find out if people _inside_ the house can open the doors, but
> rather whether people _outside_ can.
>> I spent about 15 minutes looking for my temporary IP number in my own
> /sbin/ifconfig -a
ifconfig: ifconfig was not compiled with interface status display support
Part of busybox that I compiled. I should compile it again with this
support. The older /bin/busybox ifconfig that I replaced gives ppp0 inet
addr which looks like my IPLOCAL address.
I found my IPLOCAL number in /var/run/pppd.tdb, as the last of many. (It
matched what the website said it was).
>> I feel like I am
>> usually in way over my head.
> The feeling will eventually come to seem familiar, maybe even welcome.
Translating is like that much of the time. One day I need to understand
the rudiments of mine sweeping or guided missles, another day gamma
globulin or organophosphates. I do a lot of surficial online research.
>> Why would I want to use a live CD rather than two computers with the same
>> linux on them?
> If you don't happen to _have_ that second Linux machine, but can borrow
> an other-OS box briefly, possession of a live CD can be extremely handy.
We have the same linux on (let me count) 5 laptop computers, 9 desktops
here, 3 at each of two other locations, and a few test machines and spare
hard drives. I thought I had mentioned having lots of identical setups to
copy between if one failed, which they do once in a while when the hard
drive or motherboard dies. They all came to us free from friends,
neighbors, the curb, dumpsters, etc. We have several other computers that
I want to set up for friends and freecyclers with linux (Opera and
Abiword) instead of Win98 (WORD and IE). I can fit linux nicely into
under 100MB so have also added it to friend's working MS computers.
>> I can try to set up a firewall with ipchains and default gateway again
>> with crossover cable (if I can find my notes).
> Sure, if you wish.
> I hope you realise that your prior postings indicated that you'd nmapped
> the machine (well, for TCP services, anyway) from localhost, and found
> nothing at all running. Assuming that is reliable information (e.g.,
> that no intruder has installed a trojaned copy of nmap that omits
> crucial data), then obviously your host has nothing running (using TCP
> ports, anyway), and re-doing that check from a nearby host wouldn't tell
> you more.
That is why I asked if there is any point to doing this, other than for
How would someone install a trojanned copy of nmap when I never have any
ports open to come through? If I had a trojanned copy, why did I not
find it with 'which nmap', which finds any executables on the path, when I
renamed the downloaded nmap temporarily?
How can someone put files on my computer if I am not running a server and
I don't even download emails to my own computer (I use pine at a shell
account)? I even delete Opera cache on exit and it is not on the path
> The reason why nmapping from localhost is a bad idea (leaving aside the
> problem of trojaned copies) is that it _overreports_ by including
> services reachable only locally, whereas what's actually of interest are
> those services that other machines will see and can use.
The X server is my only service, and it is only reachable locally.
So in my case why should I run nmap to scan my system if I am not running
any servers on it besides X?
>> Is that what you meant by 'same ISP point of presence'?
> A "point of presence" (in this context) is basically a cluster of
> dial-in numbers that reach the same ISP router.
I cannot dial in twice at the same time to the same ISP without having two
accounts. If I tried they might be annoyed.
>> And what would I learn other than that I do not have any open ports
>> because I am not running any servers (unless a default gateway in my own
>> local network is a server of some sort)?
> I didn't tell you to run nmap.
Someone on the TAG list asked about chkrootkit and someone said to scan my
ports so I downloaded programs to do both, and neither of them found any
problems or potential problems. I am at least learning a lot.
> I was just suggesting ways to use it effectively _if_ you have reason to
> use nmap -- and also proving to you that, no, you certainly do not need
> to understand its 100 pages of manpage, to use it.
If I understand correctly, I have no reason to use it unless I want to run
things like ftpd or sshd while I am online. I ran pureftpd once as an
experiment to check if I had a way to transfer files via ethernet to and
from a Windows computer. Offline.
I will, unless someone explains why not to, set up friends to load X and
rxvt as root, insert modules and dial as root, then go online su user with
Opera, just in case Opera can be hijacked somehow to do something nasty on
the computer running it.
9.02 has major security fixes but the two versions I downloaded require a
later glibc, which (from Slackware) requires a later kernel than we have,
which is not impossible. Should I be concerned about the following:
the RSA signature checking problem found in openssl
a URL tag parsing heap overflow that could potentially execute code
My friends do not need the added features - Bittorrent support, Widgets,
or Acid 2, or IMAP mailer code. They mainly want to write webmail.
More information about the TAG