As Andy suggested, Anyone have ideas? Like to see something presented? Anyone done much with LDAP servers? Authentication? Network security? iptables? One thing i would like to know. I currently have an iptables FW setup with logging of all rejected packets. Something similar to LogWatch that summarizes the rejected packets would be nice. Tell me who is port scanning me and stuff like that(Statistics gathering). -- ¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø Karl Hiramoto <karl@hiramoto.org> Work: 978-425-2090 ext 25 Cell: 508-517-4819 Personal web page: http://karl.hiramoto.org/ AOL IM ID = KarlH420 Yahoo_IM = karl_hiramoto ¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø internet is needed to catch the etherbunny
On Mon, Jun 10, 2002 at 10:27:26PM -0400, Karl Hiramoto wrote: karl> Anyone done much with LDAP servers? Authentication? Network karl> security? iptables? I'd personally love to see a talk on LDAPv3 w/KerberosV done on Linux. Bonus points if someone has gotten this to interoperate with Active Directory (which is basically just that). Here's the HOWTO: http://www.bayour.com/LDAPv3-HOWTO.html -- Charles R. Anderson <cra@wpi.edu> / http://angus.ind.wpi.edu/~cra/ PGP Key ID: 49BB5886 Fingerprint: EBA3 A106 7C93 FA07 8E15 3AC2 C367 A0F9 49BB 5886
On Mon, 10 Jun 2002 22:53:48 -0400 "Charles R. Anderson" <cra@WPI.EDU> wrote: CRA> I'd personally love to see a talk on LDAPv3 w/KerberosV done on CRA> Linux. Bonus points if someone has gotten this to interoperate CRA> with Active Directory(which is basically just that). Here's the CRA> HOWTO: CRA> CRA> http://www.bayour.com/LDAPv3-HOWTO.html Interesting. I couldn't get to the domain. This is really irritating when EVERYONE refers to this one document. 8\ there's another LDAP HOWTO on Linux.org .... :) the link for THAT is http://www.linux.org/docs/ldp/howto/LDAP-HOWTO.html ... -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- William Smith wsmith-at-chezsmith-dot-com Fall River, MA http://www.chezsmith.com How is it that a building burns up as it burns down? * TAG! v3.0 *
On Wed, Jun 12, 2002 at 08:49:04AM -0400, Bill Smith wrote: wsmith> Interesting. I couldn't get to the domain. This is really irritating wsmith> when EVERYONE refers to this one document. 8\ Are you using Linux 2.4? Do you have trouble reaching www.kernel.org too? See this document: http://www.gtf.org/garzik/ecn/ In Linux 2.4, ECN is enabled and disabled with a sysctl called tcp_ecn which is documented in: /usr/src/linux/Documentation/filesystems/proc.txt You can find out if your system is using ECN: cat /proc/sys/net/ipv4/tcp_ecn If a 1 shows up there, you are using ECN and may be unable to reach sites which incorrectly filter packets that use the ECN bits. You can try turning ECN support off: echo 0 > /proc/sys/net/ipv4/tcp_ecn However, if the remote site is using ECN and there is a broken firewall between you and them, you may be out of luck. Are you behind a firewall? If so, you might want to check its configuration if possible. -- Charles R. Anderson <cra@wpi.edu> / http://angus.ind.wpi.edu/~cra/ PGP Key ID: 49BB5886 Fingerprint: EBA3 A106 7C93 FA07 8E15 3AC2 C367 A0F9 49BB 5886
participants (3)
-
Bill Smith
-
Charles R. Anderson
-
Karl Hiramoto