Berkeley CSUA MOTD:2000:August:02 Wednesday <Tuesday, Thursday>
Berkeley CSUA MOTD
2000/8/2-4 [Computer/SW/OS/Linux, Computer/SW/OS/Solaris] UID:18846 Activity:high
8/1     I set up IP masquerading and it works for my intranet...
        but do I need two NIC's to get it to also connect to the Internet?
        \_ You do need two network interfaces.  they dont _necessarily_
           have to be two separate physical nics, but its recommended.
           \_ Logically interfaces can put a lot of load on your system
           \_ Logical interfaces can put a lot of load on your system
              depending on how other systems are connected to it.
              \_ This is only for a week or two before my stupid ISP assigns
                 me more IP addresses. How do I create logical interfaces?
                 "route"? Pointer to a FAQ would be great.
                  \_ Its something like ifconfig <int>:<num>. man ifconfig
                     on your system. ----ranga
                     \_ are you sure? Ifconfig seems to be for configuring
                        existing network interfaces? I don't see anything
                        relating to that in the ifconfig manpage
                        "Ifconfig is used to configure the kernel-resident
                        network interfaces."
                        \_ AFAIK, the following creates a logical interface
                           on Linux:

                           # ifconfig eth0:1 aaa.bbb.ccc.ddd

                           where aaa.bbb.ccc.ddd is the IP address. Its
                           similar on Solaris:

                           # ifconfig hme0:1 aaa.bbb.ccc.ddd up

                           Don't have a Solaris machine handy to try it.
                             ifconfig eth0:1
                             SIOCSIFADDR: No such device
                             SIOCSIFFLAGS: No such device
                             \_ You must have CONFIG_IP_ALIAS enabled
                                (compiled or loaded) in the kernel. --Galen
                                \_ Thanks.
                             \_ Is eth0 even the name of this person's NIC?
                                \_ Yes.
        \_ Summary: 1) Use this syntax: "ifconfig eth0:0 up",
           replacing eth0 with the obvious, on Linux or Sun. 2) On linux, you
           need CONFIG_IP_ALIAS in the kernel. 3) You are really much better
           off with a real second network card. --Galen
        \_ Summary: 1) To create a virtual interface use this syntax:
           "ifconfig eth0:0 up", replacing eth0 with the obvious, on
           Linux or Sun. 2) On linux, you need CONFIG_IP_ALIAS in the kernel.
           3) You are really much better off with a real second network card.
           \_ wrong name. If you do that on sun, you get the "real" if.
              get into the habit of using eth0:1
2000/8/2-3 [Computer/SW/Security] UID:18847 Activity:kinda low
8/1     The java SSH client we have running does not use https:// so i
        assume that when i put in my password it gets sent plain text.
        isn't the whole idea of dis-allowing telnet was to aviod the
        sending of plain text passwords?
        \_ nothing to do with it.  the http part is just to download
           the ssh client locally.  from there, you run ssh which
           creates a secure connection to the remote host (which is
           where your password gets transmitted).
           \_ What (s)he said.  Of course, if you're really paranoid, you
              should care that you didn't download the java ssh client via
              https, because someone who noticed you fetch it a lot could
              hijack your download and replace the safe app with a compromised
              one.  Unlikely?  Sure!  But then again... you're using ssh
              instead of telnet, so....
              \_ I thought this would be a problem too. But when running
                 unsigned Java applets, aren't network connections
                 restricted to the host that the applet was loaded from?
                 This wouldn't eliminate the vulnerability, but it would
                 at least limit it. (A rogue program would have to be
                 set up on the web server which listened for connections
                 from hacked ssh clients.)
                 \_ That's the theory.  You trust it in practice?
2000/8/2-3 [Computer/SW/OS/Windows] UID:18848 Activity:high
8/1     I'm running Win2000 and I just got DSL.  If I run a firewall
        (ZoneAlert) and turn off Windows networking, is my computer
        basically secure?  Specifically, do I have to worry about someone
        hacking my administrator password?
        \_ Turn off drive shares.  Dispose of firewall software.
           Don't run any servers (ftp/http).  Done.
           Don't run any servers (ftp/http).  Don't run exec attachments.
        \_ Turn off drive shares.  Install all MS Windows updates.
           Don't run exec attachments.  Basically you are now worried
           about running something which installs BackOrifice.  Otherwise
           at this point your windoze computer is very secure in the
           hackers-on-your-DSL-line sense.
        \_  there are also sites on
           the web which will auto-test your security.  Oh and btw, rturn
           of telnetd, ddns, and any netbui shit.
        \_ I don't run any services on mine so I blocked everything incoming
           below port 1025.  The sharing and other crap I left on for my
           intranet on a different NIC.  Ports 135,139 (and 137 for 95/98?)
           are the MS bite-you ports.  I noticed 2k also uses some stuff in
           the mid 400s or 500s range as well.
2000/8/2 [Uncategorized] UID:18849 Activity:nil
8/1     How do I keep screen from putting stuff in the title bar of
        rxvt? I like it better when it displays it at the bottom
        of the terminal.
        \_ Add "hardstatus off" to your .screenrc.  --mconst
           \_ Thanks. ----ranga
2000/8/2 [Recreation/Dating] UID:18850 Activity:high
8/1     Do all men fantasize about having sex with two women at the same
        time?  My BF has started giving me hints that he likes to try that.
        I'm wondering if I should try it to spice up our sex life.
        \_ Ask him if he wants to try another guy in bed first.
        \_ This sounds like a guy wrote it.
                \_ of course a guy wrote it.  -tom
                   \_ This sounds like a guy wrote it.
           \_ maybe they are gay and confused
           \_ Men only have one dick.  One woman at a time please.
              \_ I have 3.
        \_ i think most men fantasize about this, yes.
                   \_ most? try virtually all
                      \_ most guys also have this thing for
                         two women getting it on.
           go for it; chicks are good.
        \_ most guys think about it. But if he actually suggests it, it
           means he's probably getting bored with you, and your time
           is coming to an end. Unless you like torturing yourself by
           sticking with him while he reverts to his days of
           being single and screwing around.
        \_ List the two women you'd like to have sex with at the same time!
        \_ List the two women you'd like to have castrate you!
           \_ chris & ahm.
           \_ Denise Richards and Lorissa McComas
           \_ Kathleen Wiely and Monica Lewinsky. -BC
           \_ tawei and benco
Berkeley CSUA MOTD:2000:August:02 Wednesday <Tuesday, Thursday>