Cramsession Linux Newsletter

home

2002 01 24

                    LINUX NEWS
        Resources & Links From CramSession.com
            Thursday, January 24, 2002

TABLE OF CONTENTS

1) Sean’s Notes

2) Linux News

A Linux Guy Looks At BSD
Superlative SMTP from SuSE
Red Hat Earns Top Marks on RHCE
U.K. Police Force Considers Linux for Desktops

3) Linux Resources

A Network Intrusion Detector's Look at Suspicious Events
SED One Liners
How to Make Network Configuration as Easy as DHCP
Linux XDMCP HOWTO
Aduva Manager

4) App o’ the week

~~~~~~~~~~~~~~~~~~~~~~ ADVERTISEMENT ~~~~~~~~~~~~~~~~~~~~~~~

Try Our IT Certification Courses FREE! SmartCertify Direct gives you classroom-quality IT training at a fraction of the cost of traditional courses. You’ll get 24-hour online mentoring from certified advisors, hands-on interactive exercises, the popular Test Prep exams and more! Choose from MCSE, Cisco, A+, CIW, Linux and many other courses. Click below to try them all FREE and register to WIN a state of the art Dell PC!

http://ad.brainbuzz.com/?RC06&AIG62







For information on how to advertise in this newsletter
please contact mailto:adsales@CramSession.com or visit
http://cramsession.com/marketing/default.asp

-------------------------
1) Sean's Notes
-------------------------

Last week I started using Razor to help filter out the spam
that I get at home:

http://razor.sourceforge.net

About 30% of incoming spam was detected.  Given that
installation took half an hour, and that I don't even notice
it's there, I'm pretty happy.

Razor is not without its problems, though.  The basis of the
system is that people seeing spam send in a hash of the message
to a central server.  Every incoming message is then compared
against the central database to see if it's being reported as
spam.

Since anyone can use the system, there is no quality control
over what gets reported.  I've found that some mailing lists
I'm on often get flagged as spam.  A trust system is in the
works, which should improve things significantly.  Until
then, though, I see Razor as an easy way to get rid of a
chunk of spam that clogs your mailbox.

Installation is simple.  After downloading the tarball, I
unpackaged it:

# tar -xzf razor-agents-1.19.tar.gz
# cd razor-agents-1.19
# perl Makefile.pl

The last command will let you know if you're missing any
modules.  If it reports that you're missing, say,
Mail::Internet, just get cpan to install it:

# cpan
> install Mail::Internet

Once that's all taken care of, you can build the razor-
agents and install them:

# make
# make test
# make install

Procmail is made for filtering mail, and is the natural place
to insert Razor.  For just one user, you can add a .forward
file in your home directory:

"|IFS=' '&&exec /usr/bin/procmail -f-||exit 75 #sean"

And then a .procmailrc file to hold your recipes:

:0 Wc
| razor-check
:0 Waf
| formail -i "Subject: Razor Warning: SPAM/UBE/UCE"

The first rule passes the message through razor-check, which
returns a value based on a match in the spam database.  The
second rule runs only if the first one returned success
(ie spam).  Since there still is the possibility of false
positives, I pass it through the formail command, which
changes the subject of the message rather than deleting it.

A couple of emails to myself tests that everything works, but
this is only half the equation.  I need some way of reporting
spams myself.

/etc/mail/aliases (or /etc/aliases) is the sendmail way of
redirecting mail from local accounts.  What I'm going to do
is create a fake "razor@mydomain.com" address, which sends
all mail through razor-report, which in turn adds the
message to the database.

razor:	"|/usr/bin/razor-report"

After running "newaliases" to rebuild the database, I'm done
(see, I told you razor was easy to set up!).  This account
has two uses.  The first is that whenever I see a spam
message that wasn't caught, I bounce it to razor@mydomain.com.
The second thing I can do is use the razor@mydomain.com for
applications where I know only spammers will send messages to.
For example, my return address in newsgroup postings (though
I'll have to include my real address in the message so people
can get to me).  When spammers hit my fake address (otherwise
known as a troll address), they'll have added their own spam
to the database automatically.

If you do decide to use Razor, I'd suggest following the
development of the software and keep up on upgrades.  Once
the trust system is implemented, I'd feel safe automatically
deleting messages flagged as spam.

My quest to rid my mailbox isn't over!  I know that last week
I said I wouldn't use anything that relies on heuristics, but
Spam Assassin looks too good to pass up.  I'll be covering
this software in a future article.

http://spamassassin.org/

More Procmail resources:

http://www.procmail.org
http://www.procmail.org/jari/pm-tips.html
http://www.uwasa.fi/~ts/info/proctips.html

Long live the Penguin,

Sean
mailto:swalberg@cramsession.com

-------------------------
2) Linux News
-------------------------

------------------------
A Linux Guy Looks At BSD
------------------------
The BSDs are thought to be in a world of their own (though
they possibly say the same about the SYSV camp), so most
Linux users have probably never touched any of them. This
article is one Linux user's account of his look at NetBSD.

http://www.newsforge.com/article.pl?sid/01/21/2215207

--------------------------
Superlative SMTP from SuSE
--------------------------
SuSE, the German distribution, has announced the release of
SuSE eMail Server III, a full-featured groupware system.
It's got some good features that make it a good fit for some
organizations, but the 1,000 user limit and poor backup
system make it unsuitable for the larger shops.

http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2840275
,00.html

-------------------------------
Red Hat Earns Top Marks on RHCE
-------------------------------
Certification Magazine reviewed the major certifications out
there, and ranked them in various categories. Out of eight
categories, the RHCE was ranked first place three times, and
in the remaining five, picked up second or third. Wow!

http://www.redhat.com/about/presscenter/2002/press_training.html

----------------------------------------------
U.K. Police Force Considers Linux for Desktops
----------------------------------------------
"A U.K. police advisory body, the Police Information
Technology Organization (PITO), has launched a three-month
study to consider the possibility of using the Linux operating
system on all police force desktops..." Reading a bit further,
they're talking about 60,000 machines!

http://www.linuxworld.com/ic_794420_6995_1-3133.html

-------------------------
3) Linux Resources
-------------------------


--------------------------------------------------------
A Network Intrusion Detector's Look at Suspicious Events
--------------------------------------------------------
While this paper is mostly on how to look at your network
traffic to determine the source of crackers, it has an
excellent tutorial on the tcpdump utility. Tcpdump is a
command line packet sniffer that you can find on pretty
much any UNIX. Interpreting its output is difficult, which
is where this paper comes in.

http://www.securityfocus.com/library/1853

--------------
SED One Liners
--------------
SED, the Stream EDitor, is a handy filter to have in your
toolbox. The SED language itself is pretty arcane, but this
web page spells out all the common (and some no so common,
but handy nonetheless) uses.

http://www.ptug.org/sed/one_liners.html

-------------------------------------------------
How to Make Network Configuration as Easy as DHCP
-------------------------------------------------
DHCP, the Dynamic Host Configuration Protocol, is a handy
way to handle the addressing of many machines, both Windows
and Unix. Once you get the hang of the syntax, the ISC DHCP
server is really powerful. This article gives an excellent
introduction to the software, and how to configure it for
your network.

http://www.linux-mag.com/2000-04/networknirvana_01.html

-----------------
Linux XDMCP HOWTO
-----------------
X-Windows allows remote connections, just like in a terminal
services environment. This is great for thin clients, or to
give graphical Unix access to Windows machines. It's all done
through XDMCP, but you'll want this HOWTO handy when it comes
time to enable it.

http://www.linuxdoc.org/HOWTO/XDMCP-HOWTO/index.html

-------------
Aduva Manager
-------------
Aduva Manager "detects and recognizes software, hardware,
and kernel components and maintains a local system inventory."
It's a commercial offering, but there is a 30-day evaluation
available. From the features listed on the web page, this
product looks like a real time saver for those of us with
multiple machines to watch over.

http://www.aduva.com/solutions_1b.html

-------------------------
4) App o' the week
-------------------------
Having been an ICQ user for years (I've got a 6 digit UIN,
if that says anything), I've never tried out any of the
competition. This week's app is the official Yahoo! client
for their instant messenger.

http://messenger.yahoo.com/messenger/download/unix.html

-------------------------
(C) 2002 BrainBuzz.com, Inc. All Rights Reserved.
-------------------------
-------------------------

         This message is from CramSession.com.

You are currently subscribed to the
   Hottest Linux News and Resources
   as: sean@ertw.com

To un-subscribe from this newsletter by e-mail:
   send a blank email message to:
   mailto:leave-linuxnews-3825955Y@list.cramsession.com

-------------------------------------------------------

To Subscribe to this newsletter by e-mail:
   send a blank email message to:
   mailto:join-linuxnews@list.cramsession.com
-------------------------

github.com/swalberg
twitter.com/seanwalberg