顯示文章

這裡允許您檢視這個會員的所有文章。請注意, 您只能看見您有權限閱讀的文章。


主題 - adrianmak

頁: [1]
1
其實那個firewall 強? 尤其當受都DoS 攻擊時,那個可以頂到較長時間?

2
I setup a mail server using followings components
 
postfix
sasl
pam-mysql
courier-auth 0.58
courier-imap 4.0.6
mysql 5.0.16
 
email user is authenicated against mysql backend db
I added a test account in db and I tested the smtp auth and it works (i.e. can authenticate against db)
but I failed to test with imap and pop3
 
# telnet localhost 110
Trying 127.0.0.1...
Connected to NS1 (127.0.0.1).
Escape character is '^]'.
+OK Hello there.
user adrian@mydomain.com
+OK Password required.
pass 123456
-ERR Temporary problem, please try again later
Connection closed by foreign host.
 
the maillog shown
Dec 10 17:37:05 NS1 pop3d: Connection, ip=[::ffff:127.0.0.1]
Dec 10 17:37:17 NS1 pop3d: LOGIN FAILED, user=adrian@mydomain.com, ip=[::ffff: 127.0.0.1]
Dec 10 17:37:17 NS1 pop3d: authentication error: Input/output error
 
 
# telnet localhost 143
Trying 127.0.0.1...
Connected to NS1 (127.0.0.1).
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2005 Double Precision, Inc.  See COPYING for distribution information.
a login adrian@mydomain 123456
* BYE Temporary problem, please try again later
Connection closed by foreign host.
 
the maillog shown
Dec 10 17:42:27 NS1 imapd: Connection, ip=[::ffff:127.0.0.1]
Dec 10 17:42:38 NS1 imapd: LOGIN FAILED, user=adrian@mydomain.com, ip=[::ffff: 127.0.0.1]
Dec 10 17:42:38 NS1 imapd: authentication error: Input/output error
 
authdaemonrc config is, others remains by default values
authmodulelist="authpam authmysql"
 
authmysqlrc config is
MYSQL_SERVER            localhost
MYSQL_USERNAME          postfixuser
MYSQL_PASSWORD          userpostfix
MYSQL_SOCKET            /tmp/mysql.sock
MYSQL_DATABASE          postfix
MYSQL_USER_TABLE        mailbox
MYSQL_CRYPT_PWFIELD     password
MYSQL_LOGIN_FIELD       username
MYSQL_HOME_FIELD        home
MYSQL_MAILDIR_FIELD     maildir
 
/etc/pam.d/pop3
auth sufficient pam_mysql.so user=postfixuser passwd=userpostfix host=localhost db=postfix t
able=mailbox usercolumn=username passwdcolumn=password crypt=1
account required pam_mysql.so user=postfixuser passwd=userpostfix host=localhost db=postfix
table=mailbox usercolumn=username passwdcolumn=password crypt=1
 
/etc/pam.d/imap
auth sufficient pam_mysql.so user=postfixuser passwd=userpostfix host=localhost db=postfix t
able=mailbox usercolumn=username passwdcolumn=password crypt=1
account required pam_mysql.so user=postfixuser passwd=userpostfix host=localhost db=postfix
table=mailbox usercolumn=username passwdcolumn=password crypt=1

3
my system is redhat AS3 U4 and using postfix as mta

system has following stock rpm packages installed

postfix-2.0.16-14.RHEL3
cyrus-sasl-2.1.15-10
cyrus-sasl-md5-2.1.15-10
cyrus-sasl-gssapi-2.1.15-10
cyrus-sasl-plain-2.1.15-10
cyrus-sasl-devel-2.1.15-10

I added followings line in /etc/postfix/main.cf

smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_authenticated permit_mynetworks check_relay_domains
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes

updated the file /usr/lib/sasl2/smtpd.conf
pwcheck_method: saslauthd

then start saslauthd and restart postfix

try telnet localhost 25
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN GSSAPI
250-XVERP
250 8BITMIME


in the AUTH, I can't see whatever DIGEST-MD5 and CRAM-MD5 protocol which I saw in other postfix installation tutorial

What other configuration I was missed ?

4
Linux 討論版 / mrtg 各virtual host
« 於: 2005-08-15 12:30 »
我的linux上host了幾個web site
e.g.
www.domain1.com
www.domain2.com
www.domain3.com

我知道要mrtg httpd, network interface, cpu 等十分容易

但要怎麼mrtg各 virtual host 的network bandwidth 使用量??

5
Linux 討論版 / 新版rrdtool 1.2.x 支持中文嗎?
« 於: 2005-08-15 08:59 »
新版1.2.x 支持true type font
但是否支持中文嗎?
即generate graph 能顯示中文字嗎?

6
因學習computer security需要,其中一個習作是要寫一個el gamal編碼算法,要求如下
1. keys generation
2. decryption
3. encryption

我已用java 基本寫好了,但decrypted 後的cipher text 是怎樣表示
e.g. plain text 是 ABCD

以一個byte作一個block 來做encryption
我的做法是, 首先 逐個字母轉成ASCII value e.g. A - 65, B - 66, C- 67, D - 68
然後用el gamal 的 那條algorithm 將每個字母轉成 cipher text

e.g. A - 128 , B - 256, C - 312 , D 211

但 問題是計算出來的是數字,怎樣化成chars
e.g. 如果你們接觸過其他編碼算法 e.g. RSA

那出來的keys, cipher text 是一篇chars
e.g.
jfdjfkdjfdhfddfj4%$^FGFGYHGH #$3454364565r5GFHTUYWSEW$#@
eFERTT%^%^%


請問是怎樣做的呢 ?

7
Linux 討論版 / 關於SELinux
« 於: 2005-02-25 09:32 »
打算學習SELinux, 有沒有好的教學文章?

8
Linux 討論版 / 怎樣制作php 各module的rpm包?
« 於: 2005-02-11 14:16 »
rpm 包的軟件如php
php 相關的module rpm包都是各自獨立安裝
問題是我怎樣制作這些rpm包? e.g. php-ldap , php-mysql, php-pear, etc

9
謝謝 !!

10
有5台PC, 分別扮演以下各式
Linux load balancer x 1
Apache web server x 3
mysql db server x 1


網頁放在mysql db server上,經NFS 給3台apache web server mount 上
以形成中心網頁文件

但發現有是apache web server不知道什麼原因NFS connection 斷了
導致他人瀏覽web 時出現ERROR 404 找不到pages

11
wget is a good command line tool but it only support single session.
How about any command line download tool which support multi-session download from same file ?

12
I have a linux server which is installed in data centre. 100M bandwidth connected to the Internet.

The server is providing web bbs forum and ftp upload/download service.
To prevent ftp traffic dominate the whole 100M bandwidth, I'm going to implement bandwidth control.

50% reserve for web bbs
50% reserve for ftp download traffic (ftp upload traffic will not restrict to 50% bandwidth i.e. 100M can be used for upload traffic)

I have search a lot of articles regarding linux traffic control. I know that it is using tc to accomplish the bandwidth control. But the details how to implement, I don't know actually  :oops:

Any experts here can teach me how to ? by providing examples.


我有台linux server放在機房. 100M 連上Internet
server提供bbs論壇,ftp上下載服務

防止ftp traffic耗盡所有bandwidth, 所以打算設置bandwidth control

50% bandwidth給bbs
50% bandwidth給Internet ftp 用戶下載 (ps ftp上載沒有bandwidth限制)

上網找都數篇文章,大概是用tc 來實現,但具體是怎樣做,
請各學長指導一下

13
Linux 討論版 / 怎樣mrtg 各qdisc class
« 於: 2004-12-15 09:20 »
我用qdisc htb 來分配各重要服務的流量
怎樣用mrtg來plot出各class的使用量?

14
I'm using mrtg to plot the in/out traffic flow of an interface.
However network traffic is counted in bits instead of bytes
How to display the unit in mrtg correctly in bit ?

Also
this is a site which demonstrate to use snmp to get linux cpu usage
http://ohaha.ks.edu.tw/mrtg-cpu2.php

it seems only monitor single cpu system but my system is dual cpu
how the oid should be for cpu0 and cpu1 ?
in the text,  it used oid ssCpuRawUser.0&ssCpuRawIdle.0 to get cpu usage

the 0 is indicate for single or first cpu ??
If my assumption is correct, for my dual cpu it should be
ssCpuRawUser.0&ssCpuRawIdle.0   for first cpu
ssCpuRawUser.1&ssCpuRawIdle.1   for second cpu

right ?

15
程式討論版 / 用php建立web service
« 於: 2004-12-05 07:39 »
apache 2.0.49
php 4.3.9
nusoap 0.63

echoStringClient.php

<?php
require('nusoap.php');
$myString = 'Duetruch Ayala';
$parameters = array($myString);

$s = new soapclient('http://192.168.103.190/soap/echoStringServer.php');

$result = $s->call('echoString',$parameters);

if (!$err = $s->getError()) {
echo 'Result: '.$result;
} else {
echo 'Error: '.$err;
}

echo '<xmp>'.$s->request.'</xmp>';
echo '<xmp>'.$s->response.'</xmp>';

?>

echoStringServer.php
<?php

require('nusoap.php');

$s = new soap_server();

$s->register('echoString');

function echoString($inputString) {
if (is_string($inputString)) {
return $inputString;
} else {
return new soap_fault('Client','','The parameter to this servuce
must be a string.');
}
}

$s->service($HTTP_RAW_POST_DATA);

?>

When I access http://192.168.103.190/soap/echoStringClient.php
it returned
The XML page cannot be displayed
Cannot view XML input using style sheet. Please correct the error and
then click the Refresh button, or try again later.

--------------------------------------------------------------------------------

Invalid at the top level of the document. Error processing resource
'http://192.168.103.190/soap/echoStringClient.php'.

What's the problem ? It is just a simple echo string web service

16
我有台redhat AS3 服務器,上面有運行
1. http - web 服務
2. BT Tracker  服務

我知道怎樣用mrtg畫出網卡的流量圖表,但以application 層面
像我的case, 分別http, bt tracker

怎樣做呢?

17
有以下圖

--Internet----------[firewall]----------private net---------|

firewall , 10M 連上Internet
firewall後面i.e.private net, 有幾台servers, ftp, http, smtp
比如想
預留5M給http
預留3M給smtp
預留2M給ftp


那麼我可以保證有5M寬帶給http 服務,而不會因有Internet 用戶由我們的下載東西而佔用整條10M bandwidth, 而影響其他服務e.g. http, smtp 等

18
Linux 討論版 / NFS mount problem
« 於: 2004-11-20 11:11 »
I'm using Redhat AS 3 U3

I used nfs to share files between servers
I added following in the /etc/fstab

192.168.200.5:/home3 /home3 nfs rw,hard,intr 0 0
192.168.200.5:/home2 /home2 nfs rw,hard,intr 0 0

but don't know why it only mount the first one i.e. /home3
/home2 cannot be mount

if I changed the mount order to

192.168.200.5:/home2 /home2 nfs rw,hard,intr 0 0
192.168.200.5:/home3 /home3 nfs rw,hard,intr 0 0

now /home2 can mount success but /home3 cann't mount

what's is the problem ?

19
Linux 討論版 / scim 打開不到
« 於: 2004-11-14 20:05 »
正在使用debian 3.0r3
最近安裝了SCIM, 已將所以關於SCIM的deb 包都安裝了
我是用apt來安裝的.


vi /etc/X11/xinit/xinitrc
在 ./etc/X11/Xsession前加了以下2行
export XMODIFIERS="@im=scim"
scim -d

進入X Window 後 ,怎樣按ctrl-space SCIM都出不到

不知是否有什麼設定錯漏 ??

20
一直以來大部份時間集中搞redhat, 很少接觸其他distrubtion
現想玩玩其他distro,  而對debian 十分有興趣因聽說系統的配置與redhat 或redhat base 的distro 有粉大分別

但發覺有7隻CD那麼多 :o , 是否需要全部下載嗎??
同各CD分別裝著什麼東東,要那麼多CDs......汗

21
學校打算安裝大量PC以linux OS作為desktop 用途

我想建立一個學校內部用的linux distrubtion 根據fedore 製定
e.g.
加入其他有需要的packages
除去不必要的packages
修改一下fedora installer, e.g.不需要什麼server install option, custom install option
customize gnome/kde splash screen , dekstop wallpaper等加入學校的logo
etc...........

各位學長,有沒有什麼相關文件可參考?

22
公司正在用ms exchange 因用戶需要用ms exchange groupware collorbation features e.g. meeting , sharing calender, etc

可能exchange本身沒有什麼spam, virus scanning 功能,這些都要靠3rd parties廠商提供,但這些都要$$的 :cry: 而且license多數以多少mail client 來計算,實在不便宜

所以我想有沒有辦法,方案,以一台open source mail server, e.g. postfix, qmail, sendmail etc  作smtp 收發 , 如果email 是沒virus, 或不是spam mail 的才轉給exchange

在這裡看過很多討論,linux/unix上的anti-spam mail, virus email scanning
十分完善而有效率,而且還是免費方案的

所以有沒有辦法呢 ?

23
Linux 討論版 / 關於httpd load balancing
« 於: 2004-11-11 07:06 »
正打算建立群集服務給http load balancing.
1 台load balancer
3 台http server 作負載

所知的免費開源有2個方案
1. Linux Virtual Server (LVS)
2. POUND

之前配置過LVS, 是有點繁複,要patch kernel source 部等驟.
看過POUND 文件,十分易
請問那個方案好些? e.g. 穩定性,效率等

24
Linux 討論版 / REDHAT 下如何自建APT SERVER
« 於: 2004-11-10 22:32 »
內網有多台redhat PC, 想至堅apt server給client更新packages

頁: [1]