Cramsession Linux Newsletter

home

Jan 24 2002

                    LINUX NEWS
        Resources & Links From CramSession.com
            Thursday, January 24, 2002

TABLE OF CONTENTS

1) Sean’s Notes

2) Linux News

A Linux Guy Looks At BSD
Superlative SMTP from SuSE
Red Hat Earns Top Marks on RHCE
U.K. Police Force Considers Linux for Desktops

3) Linux Resources

A Network Intrusion Detector's Look at Suspicious Events
SED One Liners
How to Make Network Configuration as Easy as DHCP
Linux XDMCP HOWTO
Aduva Manager

4) App o’ the week

~~~~~~~~~~~~~~~~~~~~~~ ADVERTISEMENT ~~~~~~~~~~~~~~~~~~~~~~~

Try Our IT Certification Courses FREE! SmartCertify Direct gives you classroom-quality IT training at a fraction of the cost of traditional courses. You’ll get 24-hour online mentoring from certified advisors, hands-on interactive exercises, the popular Test Prep exams and more! Choose from MCSE, Cisco, A+, CIW, Linux and many other courses. Click below to try them all FREE and register to WIN a state of the art Dell PC!

http://ad.brainbuzz.com/?RC06&AIG62

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

For information on how to advertise in this newsletter please contact mailto:adsales@CramSession.com or visit http://cramsession.com/marketing/default.asp

1) Sean’s Notes

Last week I started using Razor to help filter out the spam that I get at home:

http://razor.sourceforge.net

About 30% of incoming spam was detected. Given that installation took half an hour, and that I don’t even notice it’s there, I’m pretty happy.

Razor is not without its problems, though. The basis of the system is that people seeing spam send in a hash of the message to a central server. Every incoming message is then compared against the central database to see if it’s being reported as spam.

Since anyone can use the system, there is no quality control over what gets reported. I’ve found that some mailing lists I’m on often get flagged as spam. A trust system is in the works, which should improve things significantly. Until then, though, I see Razor as an easy way to get rid of a chunk of spam that clogs your mailbox.

Installation is simple. After downloading the tarball, I unpackaged it:

tar -xzf razor-agents-1.19.tar.gz

cd razor-agents-1.19

perl Makefile.pl

The last command will let you know if you’re missing any modules. If it reports that you’re missing, say, Mail::Internet, just get cpan to install it:

cpan

install Mail::Internet

Once that’s all taken care of, you can build the razor- agents and install them:

make

make test

make install

Procmail is made for filtering mail, and is the natural place to insert Razor. For just one user, you can add a .forward file in your home directory:

“|IFS=’ ‘&&exec /usr/bin/procmail -f-||exit 75 #sean”

And then a .procmailrc file to hold your recipes:

0 Wc | razor-check

0 Waf | formail -i “Subject: Razor Warning: SPAM/UBE/UCE”

The first rule passes the message through razor-check, which returns a value based on a match in the spam database. The second rule runs only if the first one returned success (ie spam). Since there still is the possibility of false positives, I pass it through the formail command, which changes the subject of the message rather than deleting it.

A couple of emails to myself tests that everything works, but this is only half the equation. I need some way of reporting spams myself.

/etc/mail/aliases (or /etc/aliases) is the sendmail way of redirecting mail from local accounts. What I’m going to do is create a fake “razor@mydomain.com” address, which sends all mail through razor-report, which in turn adds the message to the database.

razor: “|/usr/bin/razor-report”

After running “newaliases” to rebuild the database, I’m done (see, I told you razor was easy to set up!). This account has two uses. The first is that whenever I see a spam message that wasn’t caught, I bounce it to razor@mydomain.com. The second thing I can do is use the razor@mydomain.com for applications where I know only spammers will send messages to. For example, my return address in newsgroup postings (though I’ll have to include my real address in the message so people can get to me). When spammers hit my fake address (otherwise known as a troll address), they’ll have added their own spam to the database automatically.

If you do decide to use Razor, I’d suggest following the development of the software and keep up on upgrades. Once the trust system is implemented, I’d feel safe automatically deleting messages flagged as spam.

My quest to rid my mailbox isn’t over! I know that last week I said I wouldn’t use anything that relies on heuristics, but Spam Assassin looks too good to pass up. I’ll be covering this software in a future article.

http://spamassassin.org/

More Procmail resources:

http://www.procmail.org http://www.procmail.org/jari/pm-tips.html http://www.uwasa.fi/~ts/info/proctips.html

Long live the Penguin,

Sean mailto:swalberg@cramsession.com

2) Linux News

A Linux Guy Looks At BSD

The BSDs are thought to be in a world of their own (though they possibly say the same about the SYSV camp), so most Linux users have probably never touched any of them. This article is one Linux user’s account of his look at NetBSD.

http://www.newsforge.com/article.pl?sid/01/21/2215207

Superlative SMTP from SuSE

SuSE, the German distribution, has announced the release of SuSE eMail Server III, a full-featured groupware system. It’s got some good features that make it a good fit for some organizations, but the 1,000 user limit and poor backup system make it unsuitable for the larger shops.

http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2840275 ,00.html

Red Hat Earns Top Marks on RHCE

Certification Magazine reviewed the major certifications out there, and ranked them in various categories. Out of eight categories, the RHCE was ranked first place three times, and in the remaining five, picked up second or third. Wow!

http://www.redhat.com/about/presscenter/2002/press_training.html

U.K. Police Force Considers Linux for Desktops

“A U.K. police advisory body, the Police Information Technology Organization (PITO), has launched a three-month study to consider the possibility of using the Linux operating system on all police force desktops…” Reading a bit further, they’re talking about 60,000 machines!

http://www.linuxworld.com/ic_794420_6995_1-3133.html

3) Linux Resources

A Network Intrusion Detector’s Look at Suspicious Events

While this paper is mostly on how to look at your network traffic to determine the source of crackers, it has an excellent tutorial on the tcpdump utility. Tcpdump is a command line packet sniffer that you can find on pretty much any UNIX. Interpreting its output is difficult, which is where this paper comes in.

http://www.securityfocus.com/library/1853

SED One Liners

SED, the Stream EDitor, is a handy filter to have in your toolbox. The SED language itself is pretty arcane, but this web page spells out all the common (and some no so common, but handy nonetheless) uses.

http://www.ptug.org/sed/one_liners.html

How to Make Network Configuration as Easy as DHCP

DHCP, the Dynamic Host Configuration Protocol, is a handy way to handle the addressing of many machines, both Windows and Unix. Once you get the hang of the syntax, the ISC DHCP server is really powerful. This article gives an excellent introduction to the software, and how to configure it for your network.

http://www.linux-mag.com/2000-04/networknirvana_01.html

Linux XDMCP HOWTO

X-Windows allows remote connections, just like in a terminal services environment. This is great for thin clients, or to give graphical Unix access to Windows machines. It’s all done through XDMCP, but you’ll want this HOWTO handy when it comes time to enable it.

http://www.linuxdoc.org/HOWTO/XDMCP-HOWTO/index.html

Aduva Manager

Aduva Manager “detects and recognizes software, hardware, and kernel components and maintains a local system inventory.” It’s a commercial offering, but there is a 30-day evaluation available. From the features listed on the web page, this product looks like a real time saver for those of us with multiple machines to watch over.

http://www.aduva.com/solutions_1b.html

4) App o’ the week

Having been an ICQ user for years (I’ve got a 6 digit UIN, if that says anything), I’ve never tried out any of the competition. This week’s app is the official Yahoo! client for their instant messenger.

http://messenger.yahoo.com/messenger/download/unix.html

(C) 2002 BrainBuzz.com, Inc. All Rights Reserved.

     This message is from CramSession.com.

You are currently subscribed to the Hottest Linux News and Resources as: sean@ertw.com

To un-subscribe from this newsletter by e-mail: send a blank email message to: mailto:leave-linuxnews-3825955Y@list.cramsession.com

To Subscribe to this newsletter by e-mail: send a blank email message to:

mailto:join-linuxnews@list.cramsession.com

github.com/swalberg
twitter.com/seanwalberg