From: durgads@charteredsemi.com
Date: Wed Feb 05 2003 - 19:35:26 EST
hi Vinnie,
Probably I believe some thing like Reverse address resolution protocol, May
be try with defining ip_address in /etc/hosts file in both systems ( Sys A
and Sys B ).
The network switch side and system side define 100 mbps and 1gbps fixed
ports instead of auto negotiable.
Best Regards,
Shanker Durgad,
IT Infrastructure & Operations,
Chartered Semiconductor Manufacturing Ltd.
DID : 63601749
sunmanagers-request@sunmanagers.org 06/02/2003 01:00 AM
Sent by: sunmanagers-admin@sunmanagers.org
Please respond to sunmanagers
To: sunmanagers@sunmanagers.org
cc: (bcc: DURGAD Shanker/IT/CHRT/ST Group)
Subject: sunmanagers digest, Vol 1 #1920 - 11 msgs
Send sunmanagers mailing list submissions to
sunmanagers@sunmanagers.org
To subscribe or unsubscribe via the World Wide Web, visit
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
or, via email, send a message with subject or body 'help' to
sunmanagers-request@sunmanagers.org
You can reach the person managing the list at
sunmanagers-admin@sunmanagers.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of sunmanagers digest..."
Today's Topics:
1. ipv4 ipv6 (Moughan, Laurence)
2. ldap authentication (sun@bagdon.com)
3. SUNPCi crashes system after Solaris 8 2/02 upgrade (Sizemore, Joanna)
4. verisign 128 bit cert for Oracle's apache (Kevin Metzger)
5. HERE IS SOMETHING I FOUND OUT ???? ftping very slow just to
one specific server on the network ...??? (German, Vinnie)
6. TCP/IP ports question. (Andres Rojas)
7. Multiple Sun Ray Networks (Greg Mani)
8. tripwire (Cathy M. Bodenstedt)
9. Max. temp of a SPARC-CPU-Module?! (Husemann, Harald)
10. tripwire (Cathy M. Bodenstedt)
--__--__--
Message: 1
From: "Moughan, Laurence" <Laurence.Moughan@o2.com>
To: "'sunmanagers@sunmanagers.org'" <sunmanagers@sunmanagers.org>
Subject: ipv4 ipv6
Date: Wed, 5 Feb 2003 14:33:11 -0000
Hi All,
I found the solution to a rcp issue i was having was a known bug in solaris
8, with workaround ( details below ) was to replumb my interface ipv6.
However i was wondering if anyone knew if there was any impact or if it was
possible to have a mixed ipv4 / ipv6 environment ( switched )or if all
hosts, routers and switches would have to be migrated to ipv6
Thanks
Laurence
.......................
Customer transfers files with the command rcp from a Solaris 5.8 system to
other unix platforms like HP or SGI.
When using the target system's hostname within the rcp-command it works
fine.
When using the target system's ip-address it fails (with a confusing
message).
sample:
$ rcp mda.xbm 172.25.53.53:mda.xbm
::ffff:172.25.53.53: unknown host
The message is confusing here, because it contains a IPv6 type ip-address,
but
there was used an IPv4 type address in the rcp command.
A rcp to the hostname works fine:
$ rcp mda.xbm bomek4.europe.nokia.com:mda.xbm
$
This remote host is defined in DNS. The hosts-entry in nsswitch.conf
contains
files nis dns. But the problem also occurs when this entry only contains
files
and the hostname is defined in /etc/hosts.
Hostname and ip-address are resolvable:
$ getent ipnodes 172.25.53.53
172.25.53.53 bomek4.europe.nokia.com bomek4
$ getent hosts bomek4.europe.nokia.com
172.25.53.53 bomek4.europe.nokia.com bomek4
The problem only occurs when the remote system is a non-Solaris platform.
When
there's a Solaris on the other end, rcp also works when an ip-address is
used
in the command.
This is because the non-Solaris platforms return "/usr/lib/sunw,rcp not
found"
when responding to the rcp's request, if acl is possible:
(extract from snoop)
9 0.10655 172.25.53.53 -> 131.228.113.8 RSHELL R port=1018 ksh:
/usr/lib/sunw,r
0: 0800 2082 aca9 0030 19c9 bc00 0800 4500 .. ....0......E.
16: 004b f6e7 4000 3906 748a ac19 3535 83e4 .K..@.9.t...55..
32: 7108 0202 03fa 7029 de02 14aa fd42 5018 q.....p)....}BP.
48: 8000 052e 0000 6b73 683a 202f 7573 722f ......ksh: /usr/
64: 6c69 622f 7375 6e77 2c72 6370 3a20 206e lib/sunw,rcp: n
80: 6f74 2066 6f75 6e64 0a ot found.
Truss shows that the error-message becomes written, immediatelly after the
("read(5, " k", 1)" ) above frame has been read from the socket.
6956/1: 0.9446 connect(5, 0xFFBEFBE0, 32,
1) = 0
6956/1: AF_INET name = 172.25.53.53
port = 514
6956/1: 0.9451 write(5, "\0", 1)
= 1
6956/1: 0.9455 write(5, " i d e a s c
p\0", 8) = 8
6956/1: 0.9458 write(5, " i d e a s c
p\0", 8) = 8
6956/1: 0.9461 write(5, 0x00025590, 29)
= 29
6956/1: / u s r / l i b / s u n w , r c p - t
m d a . x b m\0
6956/1: 1.3110 read(5, "\0", 1)
= 1
6956/1: 1.3114 sigaction(SIGPIPE,
0xFFBEFD00, 0x00000000) = 0
6956/1: new: hand = 0xFF219458 mask = 0 0 0 0
flags = 0x0012
6956/1: 1.3117 sigprocmask(SIG_SETMASK,
0xFFBEFCE0, 0x00000000) = 0
6956/1: set = 0 0 0 0
6956/1: 1.4186 read(5, " k", 1)
= 1
6956/1: 1.4192 close(5)
= 0
6956/1: 1.4194 getpid()
=
6956 [6955]
6956/1: 1.4197 ioctl(4, 0xC00C6982,
0xFFBEF92C) = 0
6956/1: 1.4204 write(2, 0x00025F20, 19)
= 19
6956/1: : : f f f f : 1 7 2 . 2 5 . 5 3 . 5 3
6956/1: 1.4207 write(2, 0xFF3AAC6E, 15)
= 15
6956/1: : u n k n o w n h o s t\n
6956/1: 1.4210 llseek(0, 0, SEEK_CUR)
=
22610
6956/1: 1.4212 _exit(1)
rcp always fails when an ip-address is specyfied for the remote system and
the
file /usr/lib/sunw,rcp does not exist on the remote system.
I was able to recreate this here when doing a rcp from Solaris 8 to Solaris
7
after I unlinked the symbolic link /usr/lib/sunw,rcp on the (target)
Solaris
7
system.
I haven't been able to recreate this when doing rcp from Solaris 7 to
Solaris
7. So I guess something in the IPv6 relevant additions to rcp makes this
happening.
Work Around Top
rcp command fails from Solaris 8 to non-solaris machines if IPv6 is not
enabled.
The workaround is to enable IPv6.
To enable IPv6:
1. Login as root
2. Run the following commands
# ifconfig <interface> inet6 plumb up
3. Create the file hostname6.<interface> so that this
is done automatically next time the machine boots up
# touch /etc/hostname6.<interface>
*****************************************************************************
***********
This E-mail is from O2. The E-mail and any files
transmitted with it are confidential and may also be privileged and
intended
solely for the use of the individual or entity to whom they are addressed.
Any unauthorised direct or indirect dissemination, distribution or copying
of this message and any attachments is strictly prohibited. If you have
received the E-mail in error please notify postmaster@O2.com or
telephone ++ 353 1 6095000.
*****************************************************************************
************
--__--__--
Message: 2
Date: Wed, 5 Feb 2003 10:16:19 -0500 (EST)
From: <sun@bagdon.com>
To: sunmanagers@sunmanagers.org
Subject: ldap authentication
We are looking into using ldap and/or active-directory (don't ask!) to
authenticate to local hosts. But we have one issue - we want to limit who
can log into local hosts. We don't want to use ldap to identify who can
log in - we want to use ldap to identify the passwords of those who we
already say can log in. Looking through some docs, it appears that the
process is you put the non-ldap users in to /etc/passwd, then let ldap
deal with the ldap users. But that means EVERY ldap user can log into the
host.
The closest we've come so far is using the shell-methodology that RSA uses
for SecurID. In that case, you put a shell into /etc/passwd (sdshell?),
the users put's in their local password, then sdshell goes to the Ace
server and authenticate. If good, then spawn another shell. If not, it
closes the socket.
We envision the same thing - have a shell called ldapshell, have the
localhost password be null, then have the shell accept the ldap password -
if good spawn another shell, if bad close the socket.
But - if anyone knows how to authenticate to ldap, while still having a
close user-list, PLEASE feel free to speak up.
Thanks!!!
Steve B.
--__--__--
Message: 3
From: "Sizemore, Joanna" <joanna.sizemore@grote.com>
To: "Sunmanagers (E-mail)" <sunmanagers@sunmanagers.org>
Subject: SUNPCi crashes system after Solaris 8 2/02 upgrade
Date: Wed, 5 Feb 2003 10:27:52 -0500
Please help!
I have upgraded two Ultra 10s to Solaris 8. I can open Sunpci window to
dos, but on accessing the diskimage (to run Windows 98) the system crashes
and core dumps. One of the systems had partial pkgadd failures on the
upgrade (SUNWtoo.2, SUNWceuow, SUNWnamow, SUNWweuow), the other did not.
However, both crash the entire system, not just the pci window in the same
way. All of my other apps seem fine.
Has anyone seen this? Do you have any suggestions?
Thanks in advance,
Joanna
+ + + + + + + + + + + + + + + + + + + + + + + + +
PRIVILEGED MESSAGE. Unless noted otherwise in the above message, this
email is confidential, intended only for the named recipient(s) above and
may contain information that is a trade secret, proprietary, privileged,
sensitive or confidential information. Unintended transmission shall not
constitute a waiver of confidentiality or any other privilege. If you have
received this message in error, or are not the named or intended
recipient(s), please notify the sender or 812-273-8612 and delete this
email message and any attachments from your workstation or network mail
system.
+ + + + + + + + + + + + + + + + + + + + + + + + +
--__--__--
Message: 4
Date: Wed, 5 Feb 2003 10:29:58 -0500 (EST)
From: Kevin Metzger <kevin@pmimail.com>
To: sunmanagers mailing list <sunmanagers@sunmanagers.org>
Subject: verisign 128 bit cert for Oracle's apache
I'm in a pinch and need to purchase and install a Verisign 128 bit
certificate
for the Apache that shipped with and installed with Oracle 8i. I need to
have
this done by week end and since it's a productin box I can't down the
server
during 8-8 M-F and at $900 each I can't buy a cert and install on our test
box
for the purpose of getting the process tested before going live.
My DBA has turned his back on this calling it a systems job despite the
fact
that I havn't seen the install on Apache that Oracle before today.
Any help or pointers or links will be greatly appreciated.
I know this is rather general, but any time I save will be a big help.
Thanks
in advance and I'll summarize.
--
Kevin Metzger
Systems Administrator
Progressive Medical, Inc.
--__--__--
Message: 5
From: "German, Vinnie" <Vgerman@us.nomura.com>
To: "'sunmanagers@sunmanagers.org'" <sunmanagers@sunmanagers.org>
Subject: HERE IS SOMETHING I FOUND OUT ???? ftping very slow just to
one specific server on the network ...???
Date: Wed, 5 Feb 2003 10:40:11 -0500
I just found out the following:
When ftping to server which I think has a problem here is what "netstat -i
3" is showing:
Notice how small size of pockets are on the 1 to 2 thousands range.
input ce0 output input (Total) output
packets errs packets errs colls packets errs packets errs colls
183403 0 131495 0 0 219570 0 167662 0 0
2 0 0 0 0 18 0 16 0 0
14 0 29 0 0 14 0 29 0 0
7 0 0 0 0 7 0 0 0 0
16 0 0 0 0 16 0 0 0 0
5 0 0 0 0 5 0 0 0 0
2 0 0 0 0 6 0 4 0 0
1128 0 704 0 0 1144 0 720 0 0
1474 0 928 0 0 1474 0 928 0 0
1347 0 832 0 0 1347 0 832 0 0
2019 0 1248 0 0 2019 0 1248 0 0
2109 0 1312 0 0 2109 0 1312 0 0
1897 0 1152 0 0 1897 0 1152 0 0
2664 0 1664 0 0 2664 0 1664 0 0
2795 0 1728 0 0 2795 0 1728 0 0
1206 0 768 0 0 1206 0 768 0 0
1903 0 1152 0 0 1903 0 1152 0 0
1125 0 736 0 0 1125 0 736 0 0
1537 0 1024 0 0 1537 0 1024 0 0
682 0 416 0 0 682 0 416 0 0
1776 0 1088 0 0 1776 0 1088 0 0
861 0 544 0 0 877 0 560 0 0
1444 0 896 0 0 1444 0 896 0 0
1205 0 736 0 0 1205 0 736 0 0
642 0 416 0 0 642 0 416 0 0
137 0 64 0 0 137 0 64 0 0
1821 0 1120 0 0 1821 0 1120 0 0
1498 0 960 0 0 1498 0 960 0 0
1565 0 928 0 0 1565 0 928 0 0
721 0 448 0 0 721 0 448 0 0
2361 0 1440 0 0 2361 0 1440 0 0
2977 0 1824 0 0 2977 0 1824 0 0
2419 0 1472 0 0 2419 0 1472 0 0
3032 0 1856 0 0 3032 0 1856 0 0
1916 0 1216 0 0 1916 0 1216 0 0
2403 0 1440 0 0 2404 0 1441 0 0
2596 0 1600 0 0 2611 0 1615 0 0
1389 0 864 0 0 1389 0 864 0 0
1734 0 1056 0 0 1734 0 1056 0 0
1180 0 736 0 0 1180 0 736 0 0
1334 0 736 0 0 1334 0 736 0 0
13 0 0 0 0 13 0 0 0 0
13 0 0 0 0 13 0 0 0 0
NOW WHEN FTPING TO SERVER WHICH ARE OK NOTICE SIZE OF PACKETS:
NUMBERS IN RED SHOW WHEN FTP START AND WHEN IT ENDS.
NOTICE ALSO THAT IT'S TAKEN 10/12 TIME MUCH LONGER TO SYSTEM WITH PROBLEM.
BIG QUESTION IS AND WHICH I THINK COULD BE THE ANSWER TO THE PROBLE IS
WHY ARE PACKETS 10 TIMES OR SO SMALLER ON SYSTEM WITH PROBLEM?
input ce0 output input (Total) output
packets errs packets errs colls packets errs packets errs colls
59240718 0 113127693 0 0 63298866 0 117185841 0 0
2 0 0 0 0 6 0 4 0 0
13 0 0 0 0 15 0 2 0 0
2 0 0 0 0 7 0 5 0 0
3 0 0 0 0 8 0 5 0 0
2 0 0 0 0 2 0 0 0 0
13 0 0 0 0 17 0 4 0 0
2 0 0 0 0 9 0 7 0 0
2 0 0 0 0 9 0 7 0 0
2 0 0 0 0 2 0 0 0 0
13 0 0 0 0 20 0 7 0 0
2 0 0 0 0 8 0 6 0 0
2 0 0 0 0 4 0 2 0 0
2 0 31 0 0 5 0 34 0 0
7 0 0 0 0 28 0 21 0 0
4 0 0 0 0 6 0 2 0 0
17 0 0 0 0 19 0 2 0 0
4 0 0 0 0 7 0 3 0 0
2 0 0 0 0 8 0 6 0 0
8754 0 4352 0 0 8756 0 4354 0 0
16959 0 8512 0 0 16964 0 8517 0 0
15841 0 7936 0 0 15844 0 7939 0 0
15076 0 7584 0 0 15078 0 7586 0 0
2 0 32 0 0 7 0 37 0 0
2 0 0 0 0 6 0 4 0 0
13 0 0 0 0 13 0 0 0 0
2 0 0 0 0 6 0 4 0 0
> -----Original Message-----
> From: German, Vinnie
> Sent: Wednesday, February 05, 2003 9:24 AM
> To: sunmanagers@sunmanagers.org
> Subject: ftping very slow just to one specific server on the
network
> ...???
>
> Hello Managers:
>
> I have a very insteresting situation here. Lots of servers on the same
> subnet .101 and
> when I try to ftp from server "A" to server "B" it will take 12/15
minutes
> or so to ftp
> a file which will usually take 30 seconds to ftp to any other server on
> the network.
>
> I have 100mbit connection and 1gig connection. The server ftping from
> server "A" is 100mbit
> and server ftping to server "B" is 1gig.
>
> I had worked alone with network people and everything seems to be normal
> on the network side
> and switch side.
>
> I had checked both server with ndd and netstat command to make sure
> they're at 100mbit and 1gig.
>
> Setup on server "B" server I'm ftping to seems to be same as all other
> server I could ftp to without
> any problem.
>
> Server I'm ftping from is an E4500 running Sol 8 and server ftping to is
a
> 280R also running Solaris 8.
>
> Will really appreciate any suggestion on this.
> Thanks so much for your cooperation,
> Vinnie.
>
----- This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission. If
you receive this message in error, please delete it and all copies from
your
system, destroy any hard copies and notify the sender. You must not,
directly or indirectly, use, disclose, distribute, print, or copy any part
of this message if you are not the intended recipient. Nomura Holding
America Inc., Nomura Securities International, Inc, and their respective
subsidiaries each reserve the right to monitor all e-mail communications
through its networks. Any views expressed in this message are those of the
individual sender, except where the message states otherwise and the sender
is authorized to state the views of such entity. Unless otherwise stated,
any pricing information in this message is indicative only, is subject to
change and does not constitute an offer to deal at any price quoted. Any
reference to the terms of executed transactions should be treated as
preliminary only and subject to our formal written confirmation.
--__--__--
Message: 6
Subject: TCP/IP ports question.
To: "Sunmanagers (E-mail)" <sunmanagers@sunmanagers.org>
From: "Andres Rojas" <arojasm@adexus.cl>
Date: Wed, 5 Feb 2003 12:43:37 -0300
Dear Sun Managers,
I'd be appreciated if someone would address me to a web page or a Solaris
document what describes a list of the ports, their intended usage, the
owners and other relevant information.
Thanks in advance,
- Andres.
--__--__--
Message: 7
From: "Greg Mani" <mani@spawar.navy.mil>
To: <sunmanagers@sunmanagers.org>
Subject: Multiple Sun Ray Networks
Date: Wed, 5 Feb 2003 07:52:07 -0800
If this question is off topic I apologize in advance.
We are in a lab setting with an intranet. We are run Solaris 8 with Sun
Ray Session server software. Management wants to add another intranet
to this lab and let each Sun Ray have access to both networks.
Is there any toggle device available that would let us input multiple
network ether net cables to it and have one output Ethernet cable to the
Sun Ray. The device would have a button or switch of some sort to move
among the networks.
Thanks in advance to anyone that can help me.
Sincerely,
Greg
--__--__--
Message: 8
Date: Wed, 05 Feb 2003 10:07:08 -0600
From: "Cathy M. Bodenstedt" <bodenste@mailcenter.csap.af.mil>
To: "'sunmanagers@sunmanagers.org'" <sunmanagers@sunmanagers.org>
Subject: tripwire
Hello all-
Does anyone know of a free version of Tripwire for Solaris? Even an old
version of tripwire would be useful.
Cathy
--
Phone: 210-925-3244
DSN: 945-3244
[demime 0.99c.7 removed an attachment of type text/x-vcard which had a name
of bodenste.vcf]
--__--__--
Message: 9
From: "Husemann, Harald" <harald.husemann@Materna.DE>
To: sunmanagers@sunmanagers.org
Subject: Max. temp of a SPARC-CPU-Module?!
Date: Wed, 5 Feb 2003 17:12:28 +0100
Hi folks,
just a quick question:
What's the maximum temperature a SPARC (II or III) CPU module can have
before the OPB stops the machine due to overheating?!
Searched docs.sun.com, but the only info I'ver found is that the OPB WOULD
shutdown the machine when it detects an overheating condition - but,
there's
no information abt. the threshold...
Thanks in advance,
keep on hackin',
Harald
============================================
Harald Husemann
Systems Engineer
Teammanager Unix administration and Configuration Management
Materna Gmbh - Vo_kuhle 37 -
D-44141 Dortmund, Germany
Phone: +49-231-5599-8684
Mobile: +49-179-2300651
--__--__--
Message: 10
Date: Wed, 05 Feb 2003 10:47:44 -0600
From: "Cathy M. Bodenstedt" <bodenste@mailcenter.csap.af.mil>
To: "'sunmanagers@sunmanagers.org'" <sunmanagers@sunmanagers.org>
Subject: tripwire
Thanks to all that responded:
It looks like AIDE is the most popular replacement for tripwire. I've
included some urls from those that responded. Thanks again.
>From Paul Galjan http://www.cs.tut.fi/~rammer/aide.html
>From Alan Sparks
http://www.tripwire.com/products/tripwire_asr/index.cfm
>From Jo Ashmore http://sourceforge.net/projects/tripwire
Christopher Diarra
ftp://coast.cs.purdue.edu/pub/COAST/Tripwire/
ftp://ftp.cs.purdue.edu/pub/spaf/
http://www.cs.purdue.edu/
Eventually:
tripwire@tripwiresecurity.com
http://www.tripwiresecurity.com
>From Eric http://www.geocities.com/fcheck2000/
--
Phone: 210-925-3244
DSN: 945-3244
[demime 0.99c.7 removed an attachment of type text/x-vcard which had a name
of bodenste.vcf]
--__--__--
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
End of sunmanagers Digest
[This e-mail is confidential and may also be privileged. If you are not the
intended recipient, please delete it and notify us immediately; you should
not copy or use it for any purpose, nor disclose its contents to any other
person. Thank you.]
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:25:46 EDT