KCLUG October 2004

53 participants
175 discussions

Re: Bittorrent
by Brian Kelsay 07 Oct '04

07 Oct '04

With Bittorrent and its brother BitTornado, getting a file becomes as easy as double clicking on it and choosing where to save. That is pretty easy if you ask me. Now for those with a firewall, there are simple instructions on the BitTornado site. You do need to know how to login to and alter your firewall. I opened a range of ports quite easily on IPCop, which I then disable after I finish getting the torrent and serving for a while. As for the Starband users problems, we know it is a problem. Ask someone to download an ISO for you like the dialup users do. It took about 20-30 minutes for me to get Xandros last night. A few minutes to burn. Hope I remember that part when I get home. As was discussed on IRC, it would be nice if the FTP would fail over to torrent if the server has more than a certain amount of requests, but at the least, the tracker could come from the same location as the ISO. It is useful that at least the links to ftp and torrent are usually on the same webserver page. ----------------------------------------------------------------------------------- >>> Oren Beck <oren_beck(a)hotmail.com> 10/05/04 02:00PM >>> Sadly the concept of blaming the user is easier than making things simply work . Making things work simply is the truly non-trivial part we often forget about . Your idea of an alternate protocol is quite well advised . If no other reason than to allow the early adopters some way to GET the Torrent software itself . Even then alternate protocols are smart due to some of us not easily adopting Torrent for several reasons . Forgetting * any* software issues being the problem what then of us on connections totally unfriendly to Torrent. For example Starband and other upload speed restricted users . The core concept of Torrent was never in doubt , it's the deploying that needs work . What is very disturbing to me is that certain un-named players seem to be profiteering on the altar of Torrent ! Charging someone $ 10 for a HTTP download but free as Torrent seems quite extreme . Not mentioning those who as above are disadvantaged in access to Torrent for whatever reason . I could even understand a priority launch of Torrent seeding to FTP or HTTP sites on day zero as Slashdot effect prevention by load balancing thru redundancy in mirrors -THAT seems a good Torrent use . Brian Kelsay

3 2

RE: firewalls and webservers request for comments
by aaron hirsch 07 Oct '04

07 Oct '04

> Ok, y'all know I've got me one of them thar webservers > out there in the WWWild. I run a minimal firewall (aka > iptables). I'm wondering though what the consensus is > on running a full-blown firewall like say IPCop on a > server that is a busy box. My webserver is also a mail > server and naturally a webmail server. What are the benefits > of say adding a second box and running a full-metal jacket > firewall like IPCop, and can you run a webserver/mailserver > on the same box as IPCop (that is without ripping out the > guts of IPCop so it's no longer an IPCop version but some > chopped up hacked up Frankenstein monster)? If you are only running the services you need to be running and have locked down your system fairly well a firewall, either internal or external, is mostly pointless. If you're running an E-mail server and WWW server you'll need the following ports open: 25 SMTP 80 WWW 110 POP3 143 IMAP Possibly some others for SSL encrypted POP, IMAP, WWW and possibly SSHD if you're going to do remote administration. Putting a firewall in front of this box, or using iptables, is mostly a waste of time because you'll need all of these ports open to most every Internet IP address anyway or they can't provide their services. Firewalls aren't a magic bullet. Most every service you run on a Linux box can be IP restricted on it's own or if not you can use iptables to do this. That's all firewalls really do IP restrict who can access what ports. Considering most, if not all, of your services need to accessible from the entire Internet I wouldn't worry about a firewall. Why tell anyone here are the ports you will need to have open when all they have specified is services? Wouldn't it have been better to ask IF they wanted pop3/pop3s/imap/imaps before telling them to open xyz ports? I'm not trying to be a dick, but get the facts before telling someone to open xyz ports. Why should they open pop3 to the world if they are going to use imap, or vice-versa; heck why open them to the world at all if they are going to use webmail and imap and pop3 access are only required from the webserver? I've set up many mail servers where the only service available to the world is smtp, port 25, and http/https. Why open the door further than it needs to be?

2 1

firewalls and webservers request for comments
by Brian Densmore 07 Oct '04

07 Oct '04

Ok, y'all know I've got me one of them thar webservers out there in the WWWild. I run a minimal firewall (aka iptables). I'm wondering though what the consensus is on running a full-blown firewall like say IPCop on a server that is a busy box. My webserver is also a mail server and naturally a webmail server. What are the benefits of say adding a second box and running a full-metal jacket firewall like IPCop, and can you run a webserver/mailserver on the same box as IPCop (that is without ripping out the guts of IPCop so it's no longer an IPCop version but some chopped up hacked up Frankenstein monster)? Brian Densmore <Bush> Kerry voted 350 times for Tax increases! <Factcheck.org> U R an idiot, Bush. No he didn't! <Bush> Kerry voted 98 times for tax increases! <Factcheck.org> U R such an Idiot, Bush! No he didn't! <Bush> Uhh... Factcheck.org is an unlawful combatant!

2 1

Re: RE: Help configuring email server...
by Brian Kelsay 07 Oct '04

07 Oct '04

Congratulations on not giving up and starting from scratch. Why don't you point us to the documentation that you found helpful? I would like to try exim or postfix for one of my next home server projects and could use the help. Exim is installed by default on Debian server class installs, instead of Sendmail, IIRC. Or was that postfix? Smarthost usage is what allows your mail to be relayed thru the ISP SMTP server. Your mail gets a note in the header that it was relayed via a smarthost and so it is allowed at some destinations that would have previously bounced the mail, since you don't own the IP address. Reverse DNS of mdg.homelinux.net, shows RoadRunner owning the IP address instead matching the owner of mdg.homelinux.net. If you had a business class account you would get static IPs and RR would handle the reverse DNS to look right to the world. Some mail servers will still block your mail however, because your IP is in the range of a broadband provider and they choose to blanket block all those IPs. Some choose also to block ranges that are assign to countries such as China and Korea that are notorious for spammers and open relays. On the MX host settings to use at dyndns.org, read their FAQ on MX and then read it a few more times. I did and it eventually made sense. If you have a firewall that is accepting all outside connections from one IP address and forwarding to the appropriate server, then you may be able to leave the MX blank. DNS will then use the same IP address as the rest of the domain. http://en.wikipedia.org/wiki/MX_record Brian Kelsay >>> <linux(a)bizniche.com> 10/07/04 09:46AM >>> >It's nearly there! I decided to give exim one more shot, and then move >to sendmail if I still can't get it going. Following the advise in >several emails, I found a few errors and corrected them. Earlier, for >a test, I setup an account in fetchmail to see where _that_ mail would >end up, and after correcting my errors, it those messages (from the >pop3 account fetchmail was pulling down) ended up in my inbox. (Viewed >in mutt.) That was encouraging. New mails to that account also end up >in my inbox. So...SOMETHING is working right. >I still can't get local mail (mail -s "testing" mdg) or mail sent straight to mdg(a)mdg.homelinux.org to get to my inbox though. The other issues, that I figured I would deal with last, is that reading through the exim logs, I find that some test mails I sent from the mdg(a)mdg.homelinux.org account are rejected by the recipient server, and it tells me to stop using a dhcp host, and to use my isp's smarthost. Also, this domain is a dyndns.org domain, and it lets me setup an MX host for this domain. I assume it would be mdg.homelinux.org. So...great help so far. I'm not quitting this time...I'm getting this thing going if it kills me. Here is a question that I've wondered about. I see great benefit by using fetchmail and some spam filters together. I have a few pop3 accounts that I check via thunderbird. It seems like I could have my little linux email server checking these for me, filtering the spam, and making the emails availble in an IMAP format (which I prefer.) Knowing that...Can I also _send_ from each of these accounts, through my linux server? That is...if fetchmail is pulling mail from mdg(a)domain1.com and mgraham(a)otherdomain.com, and I'm reading them trough an IMAP setup in thunderbird...can I respond to these mails and have them come from mdg(a)domain1.com and msgraham(a)otherdomain.com respectively? It seems like they'd always come from mdg(a)mdg.homelinux.org. Right? Matt

1 0

Re: RE: Help configuring email server...
by linux＠bizniche.com 07 Oct '04

07 Oct '04

Brian Densmore <DensmoreB(a)ctbsonline.com> wrote on 10/07/2004, 03:33:19 PM: > So what happened with your mail server? Get it working? It's nearly there! I decided to give exim one more shot, and then move to sendmail if I still can't get it going. Following the advise in several emails, I found a few errors and corrected them. Earlier, for a test, I setup an account in fetchmail to see where _that_ mail would end up, and after correcting my errors, it those messages (from the pop3 account fetchmail was pulling down) ended up in my inbox. (Viewed in mutt.) That was encouraging. New mails to that account also end up in my inbox. So...SOMETHING is working right. I still can't get local mail (mail -s "testing" mdg) or mail sent straight to mdg(a)mdg.homelinux.org to get to my inbox though. The other issues, that I figured I would deal with last, is that reading through the exim logs, I find that some test mails I sent from the mdg(a)mdg.homelinux.org account are rejected by the recipient server, and it tells me to stop using a dhcp host, and to use my isp's smarthost. Also, this domain is a dyndns.org domain, and it lets me setup an MX host for this domain. I assume it would be mdg.homelinux.org. So...great help so far. I'm not quitting this time...I'm getting this thing going if it kills me. Here is a question that I've wondered about. I see great benefit by using fetchmail and some spam filters together. I have a few pop3 accounts that I check via thunderbird. It seems like I could have my little linux email server checking these for me, filtering the spam, and making the emails availble in an IMAP format (which I prefer.) Knowing that...Can I also _send_ from each of these accounts, through my linux server? That is...if fetchmail is pulling mail from mdg(a)domain1.com and mgraham(a)otherdomain.com, and I'm reading them trough an IMAP setup in thunderbird...can I respond to these mails and have them come from mdg(a)domain1.com and msgraham(a)otherdomain.com respectively? It seems like they'd always come from mdg(a)mdg.homelinux.org. Right? Matt > > Hey everyone: > > > > For some reason, understanding how to run a for-fun email server is > > beyond me. So, I'm trying to get this configured one step at a time. > > I find some tutorials online that say..."Yeah, just setup exim, > > fetchmail, squirrelmail, courier-imap, and spamassassin and you're > > almost there!" That sounds like a lot to me. So...I'm > > starting small. > > First things first, I want to get exim working with courier-imap. > > > > Here is my setup, then I will show the errors I'm getting: > > > > Debain Testing > > exim > > courier-imap > > Timewarner cable > > mdg.homelinux.org pointing from dyndns.org to my server. > > > > Here is a snip of my exim conf. (the parts that seem relevant) > > ===== > > host_accept_relay = 127.0.0.1 : ::::1 > > host_auth_accept_relay = * > > local_delivery: > > driver = appendfile > > group = mail > > mode = 0660 > > mode_fail_narrower = false > > envelope_to_add = true > > return_path_add = true > > #file = /var/mail/${local_part} > > directory=${home}/Maildir > > maildir_format = true > > prefix="" > > =================== > > > > My /etc/login.defs file has: > > QMAIL_DIR Maildir/ > > #MAIL_DIR > > MAIL_FILE Maildir/ > > > > ================== > > > > And my /etc/pam.d file has: > > session optional pam_mail.so standard noenv dir=~/Maildir > > > > =================== > > > > In my home dir, I have a .forward with: > > ~/Maildir > > > > I also have a folder called Maildir with mdg:mail ownership. > > > > ==================== > > > > Now, when I log into mutt, and send a test mail somewhere, it > > works just > > fine. Comes from mdg(a)mdg.homelinux.org. When I try to mail back, I > > get this header: > > ----- Message header follows ----- > > > > Received: by 10.11.98.52 with SMTP id v52mr399875cwb; > > Mon, 04 Oct 2004 08:47:12 -0700 (PDT) > > Received: by 10.11.98.53 with HTTP; Mon, 4 Oct 2004 08:47:12 > > -0700 (PDT) > > Message-ID: > > Date: Mon, 4 Oct 2004 10:47:12 -0500 > > From: Matt Graham > > Reply-To: Matt Graham > > To: Matt Graham > > Subject: Re: Testing > > In-Reply-To: > > Mime-Version: 1.0 > > Content-Type: text/plain; charset=US-ASCII > > Content-Transfer-Encoding: 7bit > > References: > > ======================== > > > > > > And I see this in my exim log: > > > > > > 2004-10-05 13:08:02 Start queue run: pid=5976 > > 2004-10-05 13:08:02 1CEnRF-0001Pe-00 == ~/Maildir/(a)mdg.homelinux.org > > directing defer (-41): retry time not reached > > 2004-10-05 13:08:02 1CEXlE-000104-00 == ~/Maildir/(a)mdg.homelinux.org > > directing defer (-41): retry time not reached > > 2004-10-05 13:08:02 1CEXfM-0000zL-00 == ~/Maildir/(a)mdg.homelinux.org > > directing defer (-41): retry time not reached > > 2004-10-05 13:08:02 1CEXIh-0000xp-00 == ~/Maildir/(a)mdg.homelinux.org > > directing defer (-41): retry time not reached > > 2004-10-05 13:08:02 1CEXIg-0000xp-00 == ~/Maildir/(a)mdg.homelinux.org > > directing defer (-41): retry time not reached > > 2004-10-05 13:08:02 1CEXcW-0000zA-00 == ~/Maildir/(a)mdg.homelinux.org > > directing defer (-41): retry time not reached > > 2004-10-05 13:08:02 End queue run: pid=5976 > > > > ========================

2 1

RE: A favor with a common cause
by Brian Densmore 06 Oct '04

06 Oct '04

I'll try it when I get home and let you know. I don't see why it would be a problem. especially since a simple cat does what is needed. > -----Original Message----- > From: Brian Kelsay > > Will it allow you to write a .img file in raw format like > rawwrite and dd? Before I messed around with Linux LiveCDs I > used a lot of floppy based distros. It hasn't been all that > long since I did this, but using KDE to write the .img file > was never mentioned, always rawrite or dd. If this feature > is now available, then cool. I seem to recall now that the > creator of rawwritewin was working on a rawwritelin, but it > wasn't in a useable state at the time I last looked. If it > is done or I am imagining things, then I stand corrected. > > > Brian Kelsay > > >>> "Brian Densmore" <> 10/06/04 12:06PM >>> > When I want to create a floppy in Linux I use Konqueror > and drag what I want selected into the /dev/floppy location. > Then presto chango KDE asks me if I want to move, copy or link > and I say copy and automajically the floppy is created. I can also > right click on the floppy icon and format the disk, mount it, > unmount it, or open it. > > _______________________________________________ > Kclug mailing list > Kclug(a)kclug.org > http://kclug.org/mailman/listinfo/kclug >

1 0

RE: A favor with a common cause
by Brian Kelsay 06 Oct '04

06 Oct '04

Will it allow you to write a .img file in raw format like rawwrite and dd? Before I messed around with Linux LiveCDs I used a lot of floppy based distros. It hasn't been all that long since I did this, but using KDE to write the .img file was never mentioned, always rawrite or dd. If this feature is now available, then cool. I seem to recall now that the creator of rawwritewin was working on a rawwritelin, but it wasn't in a useable state at the time I last looked. If it is done or I am imagining things, then I stand corrected. Brian Kelsay >>> "Brian Densmore" <> 10/06/04 12:06PM >>> When I want to create a floppy in Linux I use Konqueror and drag what I want selected into the /dev/floppy location. Then presto chango KDE asks me if I want to move, copy or link and I say copy and automajically the floppy is created. I can also right click on the floppy icon and format the disk, mount it, unmount it, or open it.

2 1

RE: A favor with a common cause
by Brian Densmore 06 Oct '04

06 Oct '04

When I want to create a floppy in Linux I use Konqueror and drag what I want selected into the /dev/floppy location. Then presto chango KDE asks me if I want to move, copy or link and I say copy and automajically the floppy is created. I can also right click on the floppy icon and format the disk, mount it, unmount it, or open it. Soon I'm sure I'll be able to choose sing or dance too. I never use CLI for tasks that are just too mundane or easy to do from the GUI. Why should I? It's faster to drag-n-drop and click an ok button than it is to switch to a CLI and type in the whole long command. The CLI is great to know, but when I build furniture I don't go out and cut down a tree and process the wood into properly dimensioned lumber first. I know how, just as I know how to make logic gates from transistors, but you don't see me building electronic devices from individual transistors. I use premade ICs for this type of work. Granted it's important to know the basics and the barebones stuff, but come on people, why torture ourselves and newbies trying to make them use the CLI for everything under the sun when a perfectly usable GUI can do it so much easier. </CLI rant> <dons asbestos suit> > -----Original Message----- > From: Brian Kelsay >

1 0

Re: A favor with a common cause
by Brian Kelsay 06 Oct '04

06 Oct '04

Rawwritewin is the one I use. http://uranus.it.swin.edu.au/~jn/linux/rawwrite.htm Brian Kelsay >>> Jonathan Hutchins <hutchins(a)tarcanfel.org> 10/06/04 10:24AM >>> On Tuesday 05 October 2004 03:59 pm, Brian Kelsay wrote: >I still feel more comfortable with that tool (rawwrite) than dd. I think rawwrite gives better feedback. I had two out of three floppies that were bad on Monday trying to write a bootable disc, ended up using Windows to write it for that very reason.

1 0

Re: towards bittorrent proxying (was Re: Bittorrent)
by Brian Kelsay 06 Oct '04

06 Oct '04

Comments inline. > Jonathan Hutchins <> 10/06/04 10:28AM >>> >>On Tuesday 05 October 2004 10:05 pm, Brian Kelsay wrote: >> I agree. BitTorrent works. >If you haven't had problems with it, you're not much help troubleshooting it. Why not? I read enough while setting it up to understand how it works. What is your specific problem, other than, it doesn't work? >My firewall's built from scratch, so I have a pretty good idea how it works. >It does work. If you've not had problems with your firewall, then you are not much help troubleshooting there. You've never had a problem, so you must not know anything about it. This door swings both ways. >Bittorrent doesn't. But why or how does it not work? Give us something specific. You sound like a newbie when you do this. You should read the Jargon file regarding asking for help. http://www.catb.org/~esr/faqs/smart-questions.html >Note that this is the problem: for the fortunate, bittorrent works. For the >rest of us, it doesn't, and short of a major effort to troubleshoot it, it >won't. Most of us aren't going to put that effort in, especially if there's >something available via FTP that will do the job we're actually trying to do. Fortune/luck/karma/mojo/magic has nothing to do with it. It is a piece of software with specific requirements. It must be installed in a specific way to one place or another in the filesystem depending on if you have a packaged binary or self-compiled binary. It may then need to be configured to work with your particular network as it is a network interacting program. You will then need to open the specific range of ports in your firewall to match the config file. Waving a dead chicken over it won't help. http://en.wikipedia.org/wiki/BitTorrent If you aren't going to put effort in to fix your problem, then no one will want to help you. Any time I am instructing a user on how to avoid spyware and viruses or attacks by computer gremlins, if I notice they aren't paying attention I stop. I tell them that if they don't care to learn then I'll see them in a few weeks when they have the same problem. It's not worth my time or effort at that point. If you want to state specific problems about a specific piece of hardware or software along with the steps you have taken so far, then I'm sure someone will be glad to help you. Look at Oren's and Hanasaki's problems from yesterday or mine from a few days ago. How quickly were those solved? Darkweb is supposed to bring his firewall in for a look-see tonight at the meeting too. If FTP works for you, cool, use it. BitTorrent is not the be all, end all in file transfer. It is VERY good at moving ISO files or big files on release day thru the first week or month and sharing the load in the process. If you can't get an ISO via either method, ask. I have downloaded many distros for people because the same was done for me. At most businesses you wouldn't be able to use BitTorrent as most ports are blocked to prevent filesharing. This is because of the MP3 hounds on Kazaa. >All the "helpful" suggestions from people who've never had a problem with >bittorrent notwithstanding, _FTP_ works. I tried to be helpful with the information given. I gave a general outline of how I got mine working. It was a head scratcher for a few minutes as I was tired from work, but I was very motivated. I really wanted the new Knoppix and it was only avail. via BT. I didn't mean to rant, but I do that sometimes. I did and I do try to be specific and thorough with my answers so there is not much back and forth. If I need to get several pieces of info to solve a problem, I ask for them all at once. I occasionally harp on spelling and grammar because they are important in deciphering the problem or question. If you have read some of the gobbledegook in forums I have, then you will understand. Somewhere there are a lot of 15 yr. olds that are still in need of help, because they can't string a few words together in the proper order to make themselves understood. To all those I have harped on or joked with about these subjects, this is the reason. I can't say that I will stop. Grammar Nazi out. Brian Kelsay

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

KCLUG October 2004