Re: [techtalk] Marking the Mutt folder contents

[Telsa Gwynne]

On Fri, Jun 29, 2001 at 10:13:43PM + or thereabouts, Subba Rao wrote:
> 
> I do tag several email and save them to a folder in one attempt. How do I
> 'delete' or mark the contents of the email folder as 'read' in one attempt?

t for tag a message. 
T for tag a pattern.
in this case the pattern would be all: ~A
Then you have tagged them all, and can act on all of them at once with
a ";" mark followed by the action you want to perform. The "set a status
flag" command is "w" (they must have run out of useful mnemonics by
then!) and then it prompts you with what to mark them as. ("W" is 
clear-that-flag, btw.)

So T~A;wd would tag the lot, then perform "mark as deleted" on all tagged
messages. 

I can't find how to mark as read off-hand. I'm sure it's somewhere.
I mostly find them when I do them by accident. 

Much simpler, if you're going to mark as deleted, is D~A
d is delete
D is delete a pattern.
And ~A is the pattern: all. 

So: D~A will delete all in a folder. 

I use D~A quite a bit myself. I have a folder of CVS commits, and I am
only interested in half a dozen modules. I have those appear at the
top with sort-by-score, read those, and then D~A and away they go.

Reading this, it occurs to me to wonder why I claim vi(m) commands 
are cryptic. Must dig out the "Learning Vim" book again. 

Telsa

___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

[techtalk] (Rant) Linux and security

[kath]

My friend works for an ISP.  Last week, 
a machine (a server at a company they provide high speed access for) was 
compromised and was used to launch attacks at others and I believe used as a 
slave in DDoS attacks (His network was extremely slow and once the 
user unplugged the compromised machine, his network speed issues cleared 
up).  Of course, the receiver of the attacks complained and my friend's ISP 
had to call the user.
 
I scanned the machine (nmap-ed) as a favor 
for my friend and was totally _unshocked_ to find that this guy had 
basically a stock Linux (probably Red Hat) install, with vulnerable ancient 
sendmail, sunrpc and telnet, amongst others.  The ISP 
employee talking on the phone to this user simply told him to format the 
machine, which I wish he hadn't, so myself and my friend could have done a 
forensics and figured out what was going on and how to prevent it.  Now 
this guy will basically reinstall his distro with the same vulnerable 
services
 
Now the fact this person was hacked did not shock 
me.  What does shock me is the following:
 
So many Linux distributions come out of box with so 
many unneccessary services, EVEN when they are installed with 
the "Server" option.  WHY?  Even a Debian install with no 
packages dselected in the installer has sunrpc open.  Is there a legitimate 
use for sunrpc?  I've never seen or heard of one (albeit I am newer to 
*nix).
 
While this is all fine and dandy for the user since 
he can run 800 nifty services on the same box, I think the idea that "Linux is 
SOOO secure over NT" leads to a false sense of security that any Linux (or any 
OS for that issue) is 100% secure out of box.
 
After I was almost compromised a few weeks ago in 
an attack that scared the !@^& out of me (coordinated assault from machines 
in Japan and Germany), I went totally ape about security (and this is my home 
cable modem linux router they were attacking).  Now I had never considered 
a home cable modem linux router a target (well, until I read about the grc.com 
attacks), but now I was a security deiti on the warpath.  I had never been 
that much into security prior, but now I was totally in tune with 
it.
 
I formatted the box (even though I don't believe 
they got in), reinstalled Debian with no packages dselected, went around 
terminating default services until there were no services running, installing 
snort and portsentry, brought up the daemons one by one, doing a gestapo-ish 
firewall rules set and more.
 
I think the whole idea that some people market 
linux as being "ultra secure" is false and misleading (well actually it is the 
truth).  I think every boxed Linux distribution and every installer should 
have as the last screen a link to information about security resources and basic 
steps to take to secure the machine.  
 
Hell, I think distribution managers should take the 
initiative and shut off known vulnerable services by default and then later give 
the administrator the option to turn them on one by one... but only with a giant 
caveat message and a link (or maybe an automatic thing) to grab the latest 
patched version.  Debian sort of does this with the idea of apt-get 
upgrade, but by default it only pulls packages out of stable (rarely updated) 
and adding testing or security sources are not readily shown how or explained 
unless you do the un-newbish thing of RTFMing or going online.
 
Now I know some of you might say "TRY OPENBSD ITS 
ULTRA SECURE!@!@#!Y@I#&".  The problem with OBSD (even though I enjoy 
playing with it), is that it isn't marketed to the mainstream.  Most 
companies, especially new ones that don't necessarily have experienced server 
admins (well sometimes experience is bad if they are set on only using one type 
of OS), will default to WindowsNT/2000 or Red Hat.  OBSD does not also have 
the user friendlyness some people need (Even tho I think any *nix admin should 
be able to work with commandline, a basic text only installer and man pages), so 
it isn't used.    
 
I know one reason the sysadmin for my local school 
district uses NT is because it is so easy without much learning.  Once, we 
were trying to add an second IP to a network card in the 
main linux web server and scanning doc files for the command.  
Just to taunt us, he walked over to an NT4 machine and did it in less than 20 
seconds.  Of course, this is an admin that applies service packs and 
hotfixes once in a bluemoon =o
 
I dunno why this rilies me up, I just get 
frustrated sometimes.
 
- kath
 
p.s. this post doesn't fit my normal style of short 
and to the point.  Would it have been better if I used diagrams or even 
unrelated clip art to liven it up? ;p

[techtalk] switch function in C (or how to read commandline args?)

[Conor Daly]

I want to read a bunch of commandline args or config options from file 
in a C program.  Now, in bash, I can use a switch structure to do stuff
based on the *string* presented.  AFAIR, in C, you can only switch on an
*int*.

So, how do I use a switch to process my config options? Or do I have to
build an "if; elseif; else" ladder instead?  I have options in a config
file that look like

 
location Belmullet
name "Joe Bloggs"

and commandline switches like

--force
-C /path/to/config.file

I can read these and put the values into "opt" and "arg" but what I need
to do next is the C equivalent to the following (bash)

case $opt in
name)
NAME=$arg
;;
location)
LOCATION=$arg
;;
--force)
FORCE=TRUE
;;
-C)
CONFIG_FILE=$arg
readconfig($CONFIG_FILE)
;;
*)
echo "AARRRGGG!"
;;
esac

I even tried 

case (! strcmp(opt,"config-file")):

to try and return an integer for the case statement but it 
seems to need a constant rather than the return value from 
function to work properly.

TIA
Conor
-- 
Conor Daly <[EMAIL PROTECTED]>

Domestic Sysadmin :-)
-
Faenor.cod.ie
  9:15pm  up 15 days, 21:32,  0 users,  load average: 0.08, 0.02, 0.01
Hobbiton.cod.ie
  9:21pm  up 15 days, 21:38,  2 users,  load average: 0.00, 0.00, 0.00

___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

Re: [techtalk] switch function in C (or how to read commandline args?)

[James A . Sutherland]

On Sat, 30 Jun 2001 21:32:38 +0100, you wrote:

>I want to read a bunch of commandline args or config options from file 
>in a C program.  Now, in bash, I can use a switch structure to do stuff
>based on the *string* presented.  AFAIR, in C, you can only switch on an
>*int*.
>
>So, how do I use a switch to process my config options? Or do I have to
>build an "if; elseif; else" ladder instead?  I have options in a config
>file that look like
>
> 
>location Belmullet
>name "Joe Bloggs"
>
>and commandline switches like
>
>--force
>-C /path/to/config.file
>
>I can read these and put the values into "opt" and "arg" but what I need
>to do next is the C equivalent to the following (bash)
>
>case $opt in
>   name)
>   NAME=$arg
>   ;;
>   location)
>   LOCATION=$arg
>   ;;
>   --force)
>   FORCE=TRUE
>   ;;
>   -C)
>   CONFIG_FILE=$arg
>   readconfig($CONFIG_FILE)
>   ;;
>   *)
>   echo "AARRRGGG!"
>   ;;
>esac
>
>I even tried 
>
>case (! strcmp(opt,"config-file")):
>
>to try and return an integer for the case statement but it 
>seems to need a constant rather than the return value from 
>function to work properly.

Unfortunately, C can't do this in a very nice way. As you've seen,
each case statement will only work with a constant - a single
character, or a number. What you can do is switch() on the FIRST
character of the word, then use strcmp() to check for each possibility
- something like this:

#include 

int main(int argc, char* argv[])
{
if (argc != 2)
return 0;
switch(*argv[1])
{
case 'f':
if (!strcmp("foo",argv[1]))
printf("foo\n");
if (!strcmp("far",argv[1]))
printf("far\n");
break;
default:
break;
}
return 0;
}


This takes "foo" and "far" as being valid statements, and just prints
them; anything else is just ignored. Obviously, if you had lots of
statements starting with the same character (like all the --enable...
options for GNU autoconf's configure scripts) you can use a second or
third level of switch() statements.

It would be nice if C could be used with case "foo", but I suppose
implementing that efficiently would have been too stressfull for the
original C compilers?

You can do something similar using the GNU getopt library, I think,
but I haven't looked very closely at that - and besides, hand-rolling
code is much more rewarding ;-)


James.

___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

Re: [techtalk] switch function in C (or how to read commandline args?)

[James A . Sutherland]

On Sat, 30 Jun 2001 17:56:28 -0500, you wrote:

>[EMAIL PROTECTED] said:
>> What you can do is switch() on the FIRST character of the word, then
>> use strcmp() to check for each possibility - something like this:
>
>Yuck.  Argument parsing is not a performance problem. 

Arguments? No. I just used arguments as a simple example. Conor
mentioned he was parsing some sort of configuration file, though. If
you're running from inetd, or as a short-lived utility, this could
well be an issue.

Also, from an aesthetic point of view, a single block of strcmp()s
will bring my lunch back. I like to have a nice simple control flow,
instead of having massive fanouts with lots of duplicated effort...

> If you want to roll 
>your own code, then just do a chain of strcmps (and if you feel like 
>optimizing that, stick the commonly used options first).  If you don't,
>
>> You can do something similar using the GNU getopt library

getopt is OK for handling arguments in most cases (being LGPLed), but
not for configuration files etc. Besides, using someone else's library
doesn't answer the more general question of "how do I do a
switch()-like operation on a set of strings?" - a question I'm dealing
with in another context at the moment...


James.

___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

Re: [techtalk] ssh woes/mysteries

[P. M. Wright]

On June 29, 2001 02:25 pm, Michelle Murrain wrote:
> The strange part, is I also can't ssh into that box from a Mac OS X
> machine that sits next to it. But other linux boxes on the network
> work fine.
try ssh-ing from the Mac OSX box using the IP number, rather than the server 
name. I'll bet you'll find that it works.

___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk