Date: Sat, 22 Jun 96 08:40:52 EST From: Dwight McKay (The Moderator) Reply-To: Suns-at-Home@net-kitchen.com Subject: Suns-at-Home Digest V9 #22 To: Suns-at-Home-List Suns-at-Home Digest Sat, 22 Jun 96 Volume 9 : Issue 22 Today's Topics: HP DAT tape drive for SUN SUMMARY: responces to home-workstation ppp dialout security query +--------------------------------------------------------------------+ | Submissions: suns-at-home \ | | Requests: suns-at-home-request > @net-kitchen.com | | Archives: suns-at-home-archives / | | WWW Archive access: http://www.net-kitchen.com/~sah | +--------------------------------------------------------------------+ ---------------------------------------------------------------------- Date: Sun, 16 Jun 1996 10:23:00 -0400 From: "fadi (f.) mehanna" Subject: HP DAT tape drive for SUN To: Suns-at-Home@tigger.net-kitchen.com Hello, I have a SParcII 4.1.3_U1, and naively I tried to connect an HP tape drive (DAT) to the SUN. Upon boot I got the message: vmunix: st0: Generic Drive, Vendor= vmunix: Unknown type- assuming 0.25 inch cartridg vmunix: Variable record length I/O I tried tar, dump, cpio nothing works, SUN keeps complaining about no taape or drive is off. Obviousely Suns do not work with HP DAT tape drives. Is this true or is there some patch or whatever to make it work. I appreciate any pointers, Thanks for your help Fadi - ------------------------------ Date: Thu, 20 Jun 96 10:33 PDT From: bkis@island.net (Jonathan Thornburg) Subject: SUMMARY: responces to home-workstation ppp dialout security query To: suns-at-home@tigger.net-kitchen.com In a Suns-at-Home posting a few weeks ago, I asked some questions about how to make ppp dialout from a home workstation reasonably secure against nastygram packets coming in from the internet while the ppp link is active. In responce to a couple of requests, this message is a summary of the responces I received. I asked: | [...] is there any practical way I can use use packet | filtering on the Sun to get reasonable security without having to | individually secure each of my N different network services? The main thrust of the responces was "no" :=( . Almost everyone said to turn off any network services which aren't absolutely necessary, eg rlogind, rexd, nfs, the rpc portmapper, etc. ("Turn off" = comment them out of /etc/inetd.conf or /etc/rc.local, then either reboot or kill any running daemons.) (Unfortunately, I _need_ many of the network services for local use on my machine.) In particular, several people said to turn off sendmail. smail seems to be the most popular replacement if a mail daemon is needed. Lots of people said to use tcp-wrappers for necessary tcp services. One person suggested an apparently complementary package, | "ip-filter" by Darren Reed . It's | suitable for both gateway hosts, and leaf nodes. There's a WWW page | here: | | http://cheops.anu.edu.au:80/~avalon/ip-filter.html | | and the code is here: | | ftp://coombs.anu.edu.au/pub/net/kernel/ip-fil3.0.4.tar.gz One person warned not to run a Java-enabled web browser. (I agree!) A few people mentioned slirp (free) or tia (~US$30), which fake slip over a dumb-terminal serial link to an isp shell account. But from further correspondence, these offer only limited security and are limited in performance by the responsiveness of the isp's machine. Apparently they also don't work for udp services. I also asked: | More generally, what are other people with home workstations and | SLIP/PPP connections doing about security? I only received one specific responce to this: | People my age (40 +) seem to give up, and use a dedicated machine for all | the internet stuff, with the link between the local net and the dedicated | mail-news-web machine physically down when using the internet Reading between the lines of the replies to my more specific questions, most people seem to just turn off unnecessary network services, maybe turn off sendmail and/or use tcp-wrappers, and hope for the best. Noone sent me any specific horror stories of breakins, but then again I didn't ask for these :=) ... My thanks to all those who sent me information. - Jonathan Thornburg (personal E-mail) U of British Columbia / Physics Dept / "C Code. C code run. Run, code, run... PLEASE!!!" - Barbara Tongue - ------------------------------ End of Suns-at-Home Digest ******************************