Re: [techtalk] Characters to avoid in passwords
On Mon, Mar 19, 2001 at 09:40:10AM +0100, Magni Onsoien wrote:
> to a certain service. An example is the "-" first in passwords (avoid it
> by prepending an extra - first when typing the ftp-password..), another
> is ":" in passwords at HP-UX 10.10 (I think it thinks the password ends just
> before the : and thus just use the first part of the password for login
> etc). I also think I have encontered problems with Windows NT, but I can't
> exactly remember the situation.
The /etc/passwd file uses : to separate the data fields. Although it
should be one way hashed and not come out the other end as a : this
could be confusing...
> (I usually recommend users not to use any special chars but period and
> comma, but that might be an overkill even though it's a very convenient
> and uncomplicated rule of thumb. Since I want automatic generation of
> passwords in this case, I won't have to bother the users with lists of
> legal and illegal chars anyway.)
I think that's the standard rule - a password should be basically like
an email address, upper case and lower case letters, and numbers.
Probably the best way to pick up this kind of stuff is to use a version
of passwd that will actually check the entered password for illegal
chars ('Sorry, passwords can only contain upper case and lower case
letters, and numbers. Passwords may only be 8 letters long. Please try
again.') Some of them are little password-nazis ('Sorry that's too
short... is a reverse word... should contain at least one digit').
Mary.
--
Mary Gardiner
<[EMAIL PROTECTED]>
GPG Key ID: 77625870
___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk
[techtalk] Characters to avoid in passwords
I was debugging some password problem the other day (dash first in password at ftp-server -> ftp-server turns off continuation messages that may confuse some ftp programs), and I came to think of if there excists a list of characters to avoid _for technical_ (no security rules) reasons in passwords on different kinds of OS and services, i.e. characters that may cause trouble when used on a certain OS or to connect to a certain service. An example is the "-" first in passwords (avoid it by prepending an extra - first when typing the ftp-password..), another is ":" in passwords at HP-UX 10.10 (I think it thinks the password ends just before the : and thus just use the first part of the password for login etc). I also think I have encontered problems with Windows NT, but I can't exactly remember the situation. Another problem: if only the first 8 chars is used by the OS; but ALL chars (i.e. more than 8) are encrypted at the password-distribution server, the user can't log in. But that is a bug in the password distribution implementation rather than a technical problem.. So, if anyone knows a list of characters to avoid or have examples of other characters that are KNOWN to cause problems on a certain OS or a service, I'd be happy to know. (I usually recommend users not to use any special chars but period and comma, but that might be an overkill even though it's a very convenient and uncomplicated rule of thumb. Since I want automatic generation of passwords in this case, I won't have to bother the users with lists of legal and illegal chars anyway.) Magni :) -- sash is very good for you. ___ techtalk mailing list [EMAIL PROTECTED] http://www.linux.org.uk/mailman/listinfo/techtalk
Re: [techtalk] problems with disk IBM 73 Gb
> I've never dealt with disks even half as large. I will be more
> curious that helpful here I'm sure but -
> Could you post the actual error messages your are getting and where the
> errors are being written to? Also this 'noise,' what kind of noise?
> Describe it more. When does it happen, any particular time?
The errors are shown when I do:
dmesg
hda: read_intr: status=0x59 { DriveReady SeekComplete DataRequest Error }
hda: read_intr: error=0x40 { UncorrectableError }, LBAsect=111610781,
sector=10436
end_request: I/O error, dev 03:03 (hda), sector 10436
hda: read_intr: status=0x59 { DriveReady SeekComplete DataRequest Error }
hda: read_intr: error=0x40 { UncorrectableError }, LBAsect=111610795,
sector=10450
end_request: I/O error, dev 03:03 (hda), sector 10450
hda: read_intr: status=0x59 { DriveReady SeekComplete DataRequest Error }
hda: read_intr: error=0x40 { UncorrectableError }, LBAsect=111610781,
sector=10436
end_request: I/O error, dev 03:03 (hda), sector 10436
Other times I see the messages on the text screen:
This machine has the I/O errors in /etc :
EXT2-fs error (device ide0(3,1)): ext2_read_inode: unable to read inode
block - inode=198603, block4
hda: read_intr: status=0x59 { DriveReady SeekComplete DataRequest Error }
hda: read_intr: error=0x40 { UncorrectableError }, LBAsect=3146895,
sector=3146832
end_request: I/O error, dev 03:01 (hda), sector 3146832
EXT2-fs error (device ide0(3,1)): ext2_read_inode: unable to read inode
block - inode=198605, block4
hda: read_intr: status=0x59 { DriveReady SeekComplete DataRequest Error }
hda: read_intr: error=0x40 { UncorrectableError }, LBAsect=3146895,
sector=3146832
end_request: I/O error, dev 03:01 (hda), sector 3146832
EXT2-fs error (device ide0(3,1)): ext2_read_inode: unable to read inode
block - inode=198608, block4
---
The noise is heard while I'm restarting the computer, and
it complains about the FS . Then I do:
e2fsck -y /dev/hda3
and while the disk is correcting itself it makes a noise
like a suing machine.
Thank you for your interest.
Bye,
Helen
___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk
Re: [techtalk] problems with disk IBM 73 Gb
On Mon, Mar 19, 2001 at 04:30:42PM +0200, Helen Katz wrote:
> > I've never dealt with disks even half as large. I will be more
> > curious that helpful here I'm sure but -
> > Could you post the actual error messages your are getting and where the
> > errors are being written to? Also this 'noise,' what kind of noise?
> > Describe it more. When does it happen, any particular time?
> The errors are shown when I do:
> dmesg
> hda: read_intr: status=0x59 { DriveReady SeekComplete DataRequest Error }
> hda: read_intr: error=0x40 { UncorrectableError }, LBAsect=111610781,
> sector=10436
> end_request: I/O error, dev 03:03 (hda), sector 10436
> hda: read_intr: status=0x59 { DriveReady SeekComplete DataRequest Error }
> hda: read_intr: error=0x40 { UncorrectableError }, LBAsect=111610795,
> sector=10450
>
> Other times I see the messages on the text screen:
> This machine has the I/O errors in /etc :
> EXT2-fs error (device ide0(3,1)): ext2_read_inode: unable to read inode
> block - inode=198603, block4
> hda: read_intr: status=0x59 { DriveReady SeekComplete DataRequest Error }
> hda: read_intr: error=0x40 { UncorrectableError }, LBAsect=3146895,
> sector=3146832
> ---
> The noise is heard while I'm restarting the computer, and
> it complains about the FS . Then I do:
> e2fsck -y /dev/hda3
> and while the disk is correcting itself it makes a noise
> like a suing machine.
> Thank you for your interest.
The errors you posted above are not ones I like to see. Usually that
means the drive is bad. I have read people have used hdparm to correct
disks that output error messages such as these but I'm sceptical
myself. You might use http://www.geocrawler.com/ and see what you can
drum up.
The noise your hearing "like a sewing machine" is probably just e2fsck
doing it's job. If you were hearing "clunks" that would be a dead
drive.
>From your original post I was under the impression that all 14 disks
were exhibiting this behavior. Is this true? If so I would say your
problem is one that is probably fixable. If you are getting errors such
as these on one or two disks, probably bad disks. At any rate if you
want to snag data off these disks you better do so quick. If you can't
at this point, if you let the disk cool down (some people put them in
the freezer) sometimes you can boot back in and retrieve data.
hth,
kent
--
From seeing and seeing the seeing has become so exhausted
First line of "The Panther" - R. M. Rilke
___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk
Re: [techtalk] Characters to avoid in passwords
Heya -- [re: characters known to cause problems in passwords] I've run into weird problems trying to feed a password containing an @ into PGP and RACCESS on Solaris 7. I have unfortunately forgotten what the error message was, but we were able to fix it by escaping the @ with a backslash in the file that we were reading the password from. I didn't see this problem with any of the other special characters, but our users may not have tried using them. (The only case I got a complaint about was an @.) Cheers, Raven = "Abrasive wheels and molten metals, It's a semi-automatic. Get in the car." __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ ___ techtalk mailing list [EMAIL PROTECTED] http://www.linux.org.uk/mailman/listinfo/techtalk
Re: [techtalk] HD Noises (was: problems with disk IBM 73 Gb)
(ktb:) > > The noise your hearing "like a sewing machine" is probably just e2fsck > doing it's job. If you were hearing "clunks" that would be a dead > drive. While we're on the arcane subject of being able to interpret and diagnose various hard drive sounds, I'm told that a HD that sounds like a little chainsaw as it spins is one that's on its way out. I wonder if this is bearings starting to wear, fine dust getting into the sealed internals, ...? Rick -- key CF8F8A75 / print C5C1 F87D 5056 D2C0 D5CE D58F 970F 04D1 CF8F 8A75 Beggars get handouts before philosophers because people have some idea of what it's like to be blind and lame. :Diogenes ___ techtalk mailing list [EMAIL PROTECTED] http://www.linux.org.uk/mailman/listinfo/techtalk
Re: [techtalk] Linux Kernel
On Mon, Mar 19, 2001 at 02:44:10PM -0800, Puff Devil wrote: Content-Description: kernel trouble.txt > I tried typing the easier to use "make menuconfig" and got > errors as noted: > > [root@localhost linux]# make menuconfig > rm -f include/asm > ( cd include ; ln -sf asm-i386 asm) > make -C scripts/lxdialog all > make[1]: Entering directory `/home/richard/linux/scripts/lxdialog' > /usr/bin/ld: cannot open crt1.o: No such file or directory > collect2: ld returned 1 exit status > > >> Unable to find the Ncurses libraries. > >> > >> You must have Ncurses installed in order > >> to use 'make menuconfig' > > make[1]: *** [ncurses] Error 1 > make[1]: Leaving directory `/home/richard/linux/scripts/lxdialog' > make: *** [menuconfig] Error 2 > > > then I tried using "make xconfig" and got errors aswell... > > [root@localhost linux]# make xconfig > rm -f include/asm > ( cd include ; ln -sf asm-i386 asm) > make -C scripts kconfig.tk > make[1]: Entering directory `/home/richard/linux/scripts' > gcc -Wall -Wstrict-prototypes -O2 -fomit-frame-pointer -c -o tkparse.o >tkparse.ctkparse.c:48: stdio.h: No such file or directory > tkparse.c:49: stdlib.h: No such file or directory > tkparse.c:50: string.h: No such file or directory > make[1]: *** [tkparse.o] Error 1 > make[1]: Leaving directory `/home/richard/linux/scripts' > make: *** [xconfig] Error 2 > [root@localhost linux]# > > What am I supposed to try now. I even tried going through all > the "make config" crap and did a "make dep" and still got errors... > > Please help. Looks to me like you need to install "libc6-dev" Both - stdlib.h crt1.o reside there on my debian system. kent -- From seeing and seeing the seeing has become so exhausted First line of "The Panther" - R. M. Rilke ___ techtalk mailing list [EMAIL PROTECTED] http://www.linux.org.uk/mailman/listinfo/techtalk
[techtalk] Linux Kernel
__ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ I tried typing the easier to use "make menuconfig" and got errors as noted: [root@localhost linux]# make menuconfig rm -f include/asm ( cd include ; ln -sf asm-i386 asm) make -C scripts/lxdialog all make[1]: Entering directory `/home/richard/linux/scripts/lxdialog' /usr/bin/ld: cannot open crt1.o: No such file or directory collect2: ld returned 1 exit status >> Unable to find the Ncurses libraries. >> >> You must have Ncurses installed in order >> to use 'make menuconfig' make[1]: *** [ncurses] Error 1 make[1]: Leaving directory `/home/richard/linux/scripts/lxdialog' make: *** [menuconfig] Error 2 then I tried using "make xconfig" and got errors aswell... [root@localhost linux]# make xconfig rm -f include/asm ( cd include ; ln -sf asm-i386 asm) make -C scripts kconfig.tk make[1]: Entering directory `/home/richard/linux/scripts' gcc -Wall -Wstrict-prototypes -O2 -fomit-frame-pointer -c -o tkparse.o tkparse.ctkparse.c:48: stdio.h: No such file or directory tkparse.c:49: stdlib.h: No such file or directory tkparse.c:50: string.h: No such file or directory make[1]: *** [tkparse.o] Error 1 make[1]: Leaving directory `/home/richard/linux/scripts' make: *** [xconfig] Error 2 [root@localhost linux]# What am I supposed to try now. I even tried going through all the "make config" crap and did a "make dep" and still got errors... Please help. Richard Carnes ([EMAIL PROTECTED])
[techtalk] REJECT packet is logged as DENY....
Hi, I have implemented one particular rule on the input chain. The rule explicitly REJECTs queries on port 113. In my kernel-logs, the access is logged in as a DENY. Here is the rule syntax: ipchains -A input -j REJECT -i eth2 -s any/0 -d 10.23.86.125 -p TCP ! -y the entry in syslog is: Mar 18 18:39:48 pasta kernel: Packet log: input DENY eth0 PROTO=6 24.24.63.86:62779 10.23.86.125:113 L=60 S=0x00 I=26383 F=0x4000 T=52 SYN (#11) Why is it logged in as a DENY? Thank you in advance. -- Subba Rao [EMAIL PROTECTED] http://pws.prserv.net/truemax/ ___ techtalk mailing list [EMAIL PROTECTED] http://www.linux.org.uk/mailman/listinfo/techtalk
[techtalk] Re: REJECT packet is logged as DENY....
On 0, Subba Rao <[EMAIL PROTECTED]> wrote: > Hi, > > I have implemented one particular rule on the input chain. The rule explicitly > REJECTs queries on port 113. In my kernel-logs, the access is logged in as > a DENY. > > Here is the rule syntax: > > ipchains -A input -j REJECT -i eth2 -s any/0 -d 10.23.86.125 -p TCP ! -y > > the entry in syslog is: Correction in the log typo Mar 18 18:39:48 pasta kernel: Packet log: input DENY eth2 PROTO=6 24.24.63.86:62779 10.23.86.125:113 L=60 S=0x00 I=26383 F=0x4000 T=52 SYN (#11) It was eth2 and not eth0. > > Why is it logged in as a DENY? > > Thank you in advance. -- Subba Rao [EMAIL PROTECTED] http://pws.prserv.net/truemax/ ___ techtalk mailing list [EMAIL PROTECTED] http://www.linux.org.uk/mailman/listinfo/techtalk
Re: [techtalk] Re: REJECT packet is logged as DENY....
(Subba Rao:) > Mar 18 18:39:48 pasta kernel: Packet log: input DENY eth2 PROTO=6 > 24.24.63.86:62779 10.23.86.125:113 L=60 S=0x00 I=26383 F=0x4000 > T=52 SYN (#11) ^^ If I surmise correctly, this (#11) should be the number of the rule that's causing the packet to be dropped on the floor. My first intuition would be to check and make sure that the packets aren't hitting a DENY rule early in the chain, and getting dropped before they're checked against the REJECT rule further down. I would check it out with an `ipchains --line-numbers -L input' and see what rule #11 is. > Mar 18 18:39:48 pasta kernel: ... ^ =) Rick -- key CF8F8A75 / print C5C1 F87D 5056 D2C0 D5CE D58F 970F 04D1 CF8F 8A75 Nemo Me Impune Lacessit. (No One Shall Touch Me with Impunity.) :Scottish Motto ___ techtalk mailing list [EMAIL PROTECTED] http://www.linux.org.uk/mailman/listinfo/techtalk
Re: [techtalk] Making vi show control characters?
Amanda Babcock wrote: > Does anybody know how to make vi pass control characters through instead > of showing them as hex numbers? IIRC, type ^V before the character. (EG: ^V^C) Save before you try this... Jenn V. -- "Do you ever wonder if there's a whole section of geek culture you miss out on by being a geek?" - Dancer. [EMAIL PROTECTED] Jenn Vesperman http://www.simegen.com/~jenn/ ___ techtalk mailing list [EMAIL PROTECTED] http://www.linux.org.uk/mailman/listinfo/techtalk
[techtalk] Making vi show control characters?
Does anybody know how to make vi pass control characters through instead of showing them as hex numbers? Thanks! Amanda ___ techtalk mailing list [EMAIL PROTECTED] http://www.linux.org.uk/mailman/listinfo/techtalk
Re: [techtalk] Re: REJECT packet is logged as DENY....
(Subba Rao:) > > > >> Mar 18 18:39:48 pasta kernel: Packet log: input DENY eth2 PROTO=6 > >> 24.24.63.86:62779 10.23.86.125:113 L=60 S=0x00 I=26383 F=0x4000 > >> T=52 SYN (#11) (coldfire:) > if the kernel's logging it .. i'm assuming it's a 2.4.x kernel, and > therfore this person better be using iptables ;P Subba didn't mention what kernel zie was running, but I've still got 2.2.17, and my logfiles look the same: shadow> ./packets Mar 19 08:01:16 shadowspar kernel: Packet log: input - ppp0 PROTO=6 61.6.130.145:4480 64.230.122.92:1080 L=48 S=0x00 I=8854 F=0x4000 T=113 SYN (#16) Mar 19 08:32:22 shadowspar kernel: Packet log: input DENY ppp0 PROTO=6 200.202.38.27:2336 64.230.122.92:111 L=60 S=0x00 I=61932 F=0x4000 T=45 SYN (#14) Mar 19 09:37:52 shadowspar kernel: Packet log: input - ppp0 PROTO=6 195.92.249.252:2573 64.230.122.92:25 L=60 S=0x00 I=56226 F=0x4000 T=37 SYN (#16) shadow> uname -a Linux shadowspar 2.2.17 #1 Fri Feb 9 09:58:34 EST 2001 i586 unknown I am told that iptables is most groovy, but I haven't had any experience with it yet... Rick -- key CF8F8A75 / print C5C1 F87D 5056 D2C0 D5CE D58F 970F 04D1 CF8F 8A75 There is no expedient to which man will not resort to avoid the real labour of thinking. :Thomas Edison ___ techtalk mailing list [EMAIL PROTECTED] http://www.linux.org.uk/mailman/listinfo/techtalk
