From: Digest To: "OS/2GenAu Digest" Date: Wed, 22 Jan 2003 00:02:03 EST-10EDT,10,-1,0,7200,3,-1,0,7200,3600 Subject: [os2genau_digest] No. 530 Reply-To: X-List-Unsubscribe: www.os2site.com/list/ ************************************************** Tuesday 21 January 2003 Number 530 ************************************************** Subjects for today 1 Re: [os2genau] Internet security question : Gavin Miller" 2 Re: [os2genau] Internet security question : Ed Durrant 3 Re: [os2genau] Internet security question : Ian Manners" 4 [os2genau] * Reminder * - Melbourne OS/2 SIG Meeting : List Admin" 5 Re: [os2genau] Internet security question : Daryl Pilkington" 6 Re: [os2genau] Internet security question : Gavin Miller" 7 Re: [os2genau] Internet security question - originated/received time : Mike O'Connor" 8 Re: [os2genau] Internet security question - originated/received time : Mike O'Connor" 9 Re: [os2genau] Internet security question - originated/received time : Gavin Miller" 10 Re: [os2genau] Internet security question - originated/received time : Mike O'Connor" 11 Re: [os2genau] Internet security question - originated/received time : Gavin Miller" 12 Re: [os2genau] Internet security question : Ian Manners" 13 [os2genau] : Ian Manners" 14 Re: [os2genau] : Ian Manners" 15 Re: [os2genau] Internet security question - originated/received time : Gavin Miller" 16 Re: [os2genau] Internet security question - originated/received time : Ian Manners" 17 Re: [os2genau] Internet security question - originated/received time : Mike O'Connor" 18 Re: [os2genau] Internet security question - originated/received time : Mike O'Connor" 19 Re: [os2genau] Internet security question : John Angelico" 20 Re: [os2genau] Internet security question : Mike O'Connor" 21 Re: [os2genau] Internet security question - originated/received time : Gavin Miller" **= Email 1 ==========================** Date: Tue, 21 Jan 2003 08:54:38 -0500 (EST) From: "Gavin Miller" Subject: Re: [os2genau] Internet security question Thanks Ed. I don't have a firewall at all. The protocols on the OS/2 box are only NetBios and TCP/IP. I don't have NetBios over TCP/IP enabled. The only shares are on the Win98 Box. I'm only using PEER to swap files and have not set up TCP/IP for the LAN. Cheers G ---------------------------------------------------------------------------------- **= Email 2 ==========================** Date: Tue, 21 Jan 2003 18:00:49 +1100 From: Ed Durrant Subject: Re: [os2genau] Internet security question Sounds to me like a pretty secure setup aslong as your gateway isn't a Windoze box as windows installs netbios over TCPIP as a default, so in theory a hacker could get through using this. Ed. Gavin Miller wrote: > Thanks Ed. > > I don't have a firewall at all. The protocols on the OS/2 box are only NetBios and > TCP/IP. I don't have NetBios over TCP/IP enabled. The only shares are on the Win98 > Box. I'm only using PEER to swap files and have not set up TCP/IP for the LAN. > > Cheers > G > > ---------------------------------------------------------------------------------- **= Email 3 ==========================** Date: Tue, 21 Jan 2003 18:15:10 +1100 (EDT) From: "Ian Manners" Subject: Re: [os2genau] Internet security question >Sounds to me like a pretty secure setup aslong as your gateway isn't a Windoze box as >windows installs netbios over TCPIP as a default, so in theory a hacker could get >through using this. I love port 139 :-))) Cheers Ian B Manners http://www.os2site dot com/ The problem with the designated driver program, is it's not a desirable job. But if you ever get sucked into doing it, have fun with it. At the end of the night, drop them off at the wrong house. -Jeff Foxworthy ---------------------------------------------------------------------------------- **= Email 4 ==========================** Date: Tue, 21 Jan 2003 18:00:00 +1100 (EDT) From: "List Admin" Subject: [os2genau] * Reminder * - Melbourne OS/2 SIG Meeting We would like to remind you of this upcoming event. Melbourne OS/2 SIG Meeting Date: Tuesday, 28th January 2003 Time: 6:30PM - 9:30PM Place: Melbourne PC Group Victoria, Australia. The Monthly Meeting of Melbourne OS/2 SIG Normally held the fourth Tuesday of each month. Except December ! ie, this is the last meeting for the year, so be there or be hexagonal. ---------------------------------------------------------------------------------- **= Email 5 ==========================** Date: Tue, 21 Jan 2003 11:22:31 +1100 (EDT) From: "Daryl Pilkington" Subject: Re: [os2genau] Internet security question Hi Gavin, At the risk of being pedantic, here is the run-down. NETBIOS: Is a programming interface, usually used with applications using NETBEUI network protocol, e.g. LAN Server, Windows File & Print Sharing. NETBEUI: Is a network protocol that runs usually on an ethernet cable. It is non-routable & has largely been replaced by TCPBEUI or TCP/IP protocols. TCPBEUI: This network protocol also usually runs on ethernet. It is a variation of NETBEUI that includes TCP/IP information, making it routable across TCP/IP networks. This is the most commonly used with Windows File & Print Sharing & Linux SAMBA file servers. It leaks information about you network across routers in a TCP/IP environment & should be filtered out with your Internet Firewall. OS/2 incorrectly calls this NETBIOS over TCP/IP. With PCs on different networks, host name resolution needs to be done with a NETBIOS name server, (NBNS). Windows uses a variation of NBNS called Windows Internet Name Server, (WINS). TCP/IP: This network protocol is used on the Internet. Windows XP File & Print Sharing can use pure IP, without TCPBEUI. Linux SAMBA support is not really finished. Host name resolution is done merely with DNS servers. Ed tells me OS/2 MPTS v6 & higher will also work with it, but I haven't tried it. Perhaps I'll make a Windows XP box with TCP/IP only & see if I can get it to talk to my eCS box. You are correct that TCPBEUI or pure IP needs to be operation for outsiders to have access to your system. TCPBEUI is pretty insecure, you would be better-off using it via a Firewall running a VPN. On Mon, 20 Jan 2003 08:51:12 -0500 (EST), Gavin Miller wrote: >Hi guys, > >I'm a tad confused about NETBIOS, NETBIOS over TCP/IP and file/printer shareing. > >I have a win 98 box LAN'd to the OS/2 box. I need netbios to comunicate with the win98 >box right, and I have file shareing on the win98 box so I can transfer files from it. My >OS/2 box has an internet conection (just dial up). The way I understand it, both boxes >need netbios over tcp/ip in order for outsiders to gain access. Is that right, or is my >system a security risk? > >Cheers >G > > > Regards, Daryl Pilkington //// The PC-Therapist, Business Computing Integration O OS/2 Warp, Redhat Linux, DB2 IBM Certified Systems Expert email: darylp at pc-therapist dot com dot au Mob: 0425-251-300 ---------------------------------------------------------------------------------- **= Email 6 ==========================** Date: Tue, 21 Jan 2003 20:18:12 -0500 (EST) From: "Gavin Miller" Subject: Re: [os2genau] Internet security question On Tue, 21 Jan 2003 18:15:10 +1100 (EDT), Ian Manners wrote: >I love port 139 :-))) > Port 139 ????????? ---------------------------------------------------------------------------------- **= Email 7 ==========================** Date: Tue, 21 Jan 2003 19:35:03 +1000 From: "Mike O'Connor" Subject: Re: [os2genau] Internet security question - originated/received time Gavin Miller wrote: >On Tue, 21 Jan 2003 18:15:10 +1100 (EDT), Ian Manners wrote: > > > >>I love port 139 :-))) >> >> >> > >Port 139 ????????? > > Hi Gavin, This message's headers indicated it was received from: Unknown ...... 21 Jan 2003 at 09:13:13 -0000, Delivery date/time was 20:15:47 +1100 today - but in my IBMBMV2-mail it shows up as being received at 11:18 A.M. of today. Assume you have your TZ set to UNIX-style based on Greenwich? Regards, mike -- Failed the exam for -------------------- MCSE - Minesweeper Consultant and Solitaire Expert -------------------- ---------------------------------------------------------------------------------- **= Email 8 ==========================** Date: Tue, 21 Jan 2003 19:42:31 +1000 From: "Mike O'Connor" Subject: Re: [os2genau] Internet security question - originated/received time Mike O'Connor wrote: > Gavin Miller wrote: > >> On Tue, 21 Jan 2003 18:15:10 +1100 (EDT), Ian Manners wrote: >> >> >> >>> I love port 139 :-))) >>> >>> >> >> >> Port 139 ????????? >> >> > Hi Gavin, > This message's headers indicated it was received from: Unknown ...... > 21 Jan 2003 at 09:13:13 -0000, Delivery date/time was 20:15:47 +1100 > today - but in my IBMBMV2-mail it shows up as being received at 11:18 > A.M. of today. Assume you have your TZ set to UNIX-style based on > Greenwich? > Regards, > mike > Correction to above - should have said received at 11:18 A.M. *22/01/03* - not happening with messages from elsewhere. Mike -- Failed the exam for -------------------- MCSE - Minesweeper Consultant and Solitaire Expert -------------------- ---------------------------------------------------------------------------------- **= Email 9 ==========================** Date: Tue, 21 Jan 2003 20:45:41 -0500 (EST) From: "Gavin Miller" Subject: Re: [os2genau] Internet security question - originated/received time Hi Mike, Interesting story about that. It all started when I "updated" directx to version 8 on my win98 partition. After it slowed my system to a crawl, I wanted to go back to ver 7. Guess what..... Direct X won't go back. So I thinks to myself, 'Ok good opertunity to rearange the partitions, get a lager Window one..... which I did after swapping all the data I wanted kept to the HPFS partitions. Reinstall windows. It says I have a partition size larger than blah blah blah.. do I want to install large disk support. I press Y and windows reformats my entire disk into one big fat partition. Goodbye all that stuff I wanted kept. Anyway, after spending a few days getting my system back to the way I had it, I really could not have been bothered changing time zones. At the moment it's set in some American TZ. Yes I know how quick and simple it would be to do..... but I guess I'm a tad lazy. Cheers G ---------------------------------------------------------------------------------- **= Email 10 ==========================** Date: Tue, 21 Jan 2003 20:02:56 +1000 From: "Mike O'Connor" Subject: Re: [os2genau] Internet security question - originated/received time Gavin Miller wrote: >Hi Mike, > >Interesting story about that. It all started when I "updated" directx to version 8 on my >win98 partition. After it slowed my system to a crawl, I wanted to go back to ver 7. >Guess what..... Direct X won't go back. So I thinks to myself, 'Ok good opertunity to >rearange the partitions, get a lager Window one..... which I did after swapping all the >data I wanted kept to the HPFS partitions. Reinstall windows. It says I have a partition >size larger than blah blah blah.. do I want to install large disk support. I press Y and >windows reformats my entire disk into one big fat partition. Goodbye all that stuff I >wanted kept. > >Anyway, after spending a few days getting my system back to the way I had it, I really >could not have been bothered changing time zones. At the moment it's set in some >American TZ. > Your mailer thinks it's in London, England! > Yes I know how quick and simple it would be to do..... > select the "Country" icon under System Setup [on my system - either via RMB on Desktop/ or shadow-icon in Warp/eCScenter or in the OS/2 System Folder] and select Australia. Couple of secs. For people who have mail sorted by date+time and have lots of messages in a mailfolder it's a PITA when new messages are four screen-pages up above. > but I guess I'm a >tad lazy. > > Hi Gavin, I bet you were a bit PO'd over the FAT32 schemozzle. That's one reason I still have Partition create and pre-format any FAT32 partitions, before I let WINxx/2K see them. Mike -- Failed the exam for -------------------- MCSE - Minesweeper Consultant and Solitaire Expert -------------------- ---------------------------------------------------------------------------------- **= Email 11 ==========================** Date: Tue, 21 Jan 2003 21:10:46 -0500 (EST) From: "Gavin Miller" Subject: Re: [os2genau] Internet security question - originated/received time London !!! That's wierd. Country reports USA and since PM mail gets TZ from config, I would have thought PM mail would send as USA. I'll change it and send another message. Cheers G ---------------------------------------------------------------------------------- **= Email 12 ==========================** Date: Tue, 21 Jan 2003 21:19:47 +1100 (EDT) From: "Ian Manners" Subject: Re: [os2genau] Internet security question Hi Gavin >>I love port 139 :-))) >Port 139 ????????? 139/tcp = NETBIOS Session Service 139/udp = NETBIOS Session Service Its amazing how many windows users leave this port open, and with default access as well. WindowsXP is also wide open on this port by default but at least its a lot harder to get in. I'll leave the rest of it to your imagination. Any firewall should be setup to drop ports 137,138, and 139 both going out as well as coming in. Port 137 and 139 are the important ports to drop for external access though if you are using TCPBEUI. 137/tcp = NETBIOS Name Service 137/udp = NETBIOS Name Service 138/tcp = NETBIOS Datagram Service 138/udp = NETBIOS Datagram Service Also, I'm finding the quality of days 'cracker hackers' has dropped dramatically compared to those of us who cut our teeth on assembler and started out in the early 1980's. Sigh, kiddy scripters and wanabies. Even the old well known hacker lists are full of people that dont seem to know much about real knowledge anymore. Its no wonder companies like Microsoft have no end of problems securing there software properly. Cheers Ian B Manners http://www.os2site dot com/ "What luck for rulers that men do not think" - A. Hitler ---------------------------------------------------------------------------------- **= Email 13 ==========================** Date: Tue, 21 Jan 2003 21:23:23 +1100 (EDT) From: "Ian Manners" Subject: [os2genau] who os2genau end Cheers Ian B Manners http://www.os2site dot com/ This tagline is under repair. Thank you. ---------------------------------------------------------------------------------- **= Email 14 ==========================** Date: Tue, 21 Jan 2003 21:24:36 +1100 (EDT) From: "Ian Manners" Subject: Re: [os2genau] >who os2genau Oops, meant to send this to the listadmin address :-) Cheers Ian B Manners http://www.os2site dot com/ No one can hear when you're Screaming in Digital! ---------------------------------------------------------------------------------- **= Email 15 ==========================** Date: Tue, 21 Jan 2003 21:27:16 +1000 From: "Gavin Miller" Subject: Re: [os2genau] Internet security question - originated/received time Well, let's see if the TZ thing is fixed. ---------------------------------------------------------------------------------- **= Email 16 ==========================** Date: Tue, 21 Jan 2003 21:29:02 +1100 (EDT) From: "Ian Manners" Subject: Re: [os2genau] Internet security question - originated/received time Hi Gavin >Well, let's see if the TZ thing is fixed. Date: Tue, 21 Jan 2003 21:27:16 +1000 Should be Date: Tue, 21 Jan 2003 21:25:26 +1100 So getting close, just missing Daylight savings. This is the setting you should have in your OS/2 config.sys. SET TZ=EST-10EDT,10,-1,0,7200,3,-1,0,7200,3600 Cheers Ian B Manners http://www.os2site dot com/ "I like the idea of democracy. You have to have someone everyone distrusts," said Brutha. "That way, everyone's happy." ---------------------------------------------------------------------------------- **= Email 17 ==========================** Date: Tue, 21 Jan 2003 20:33:50 +1000 From: "Mike O'Connor" Subject: Re: [os2genau] Internet security question - originated/received time Gavin Miller wrote: >Well, let's see if the TZ thing is fixed. > > Hi Gavin SURE Is!!! Mike -- Failed the exam for -------------------- MCSE - Minesweeper Consultant and Solitaire Expert -------------------- ---------------------------------------------------------------------------------- **= Email 18 ==========================** Date: Tue, 21 Jan 2003 20:40:49 +1000 From: "Mike O'Connor" Subject: Re: [os2genau] Internet security question - originated/received time Mike O'Connor wrote: > Gavin Miller wrote: > >> Well, let's see if the TZ thing is fixed. >> >> > Hi Gavin > SURE Is!!! > Mike > Hi Gavin, Just saw Ian's response after I hit the send button - I was an hour ahead of myself!(well at least it was in the ballpark!) Mike P.S. Even though I'm in N.NSW I keep mine on Qld. time zone - 2KM away - kids are there and I like to watch the 6 o'clock news at 6 and all the TV stations here broadcast in Qld. time. -- Failed the exam for -------------------- MCSE - Minesweeper Consultant and Solitaire Expert -------------------- ---------------------------------------------------------------------------------- **= Email 19 ==========================** Date: Tue, 21 Jan 2003 20:23:06 +1100 (EDT) From: "John Angelico" Subject: Re: [os2genau] Internet security question On Tue, 21 Jan 2003 18:15:10 +1100 (EDT), Ian Manners wrote: >>Sounds to me like a pretty secure setup aslong as your gateway isn't a Windoze box as >>windows installs netbios over TCPIP as a default, so in theory a hacker could get >>through using this. > >I love port 139 :-))) So for fun go to www.grc dot com and do the Shields Up! and Port Probe test Best regards John Angelico OS/2 SIG talldad at melbpc dot org dot au or talldad at kepl dot com dot au -------------------------------------- PMTagline v1.50 - Copyright, 1996-1997, Stephen Berg and John Angelico .... NOTICE: No trees were harmed in the production of this message. However, a rather large number of electrons were somewhat inconvenienced. ---------------------------------------------------------------------------------- **= Email 20 ==========================** Date: Tue, 21 Jan 2003 21:39:53 +1000 From: "Mike O'Connor" Subject: Re: [os2genau] Internet security question John Angelico wrote: >On Tue, 21 Jan 2003 18:15:10 +1100 (EDT), Ian Manners wrote: > > > >>>Sounds to me like a pretty secure setup aslong as your gateway isn't a Windoze box as >>>windows installs netbios over TCPIP as a default, so in theory a hacker could get >>>through using this. >>> >>> >>I love port 139 :-))) >> >> > >So for fun go to www.grc dot com and do the Shields Up! and Port Probe test > > > > Hi John, Isn't it comforting when one takes the scanning/probes from OS/2-eCS! Regards, Mike -- Failed the exam for -------------------- MCSE - Minesweeper Consultant and Solitaire Expert -------------------- ---------------------------------------------------------------------------------- **= Email 21 ==========================** Date: Tue, 21 Jan 2003 23:55:12 +1000 From: "Gavin Miller" Subject: Re: [os2genau] Internet security question - originated/received time I rem'd out the TZ in config. PMmail while it did see the setting was still sending out GMT 0 (London). I don't care to much about daylight saving; as long as the time is right, I don't think it will mess too many folks around ;-) On Tue, 21 Jan 2003 21:29:02 +1100 (EDT), Ian Manners wrote: >Hi Gavin > >>Well, let's see if the TZ thing is fixed. > > >Date: Tue, 21 Jan 2003 21:27:16 +1000 >Should be >Date: Tue, 21 Jan 2003 21:25:26 +1100 > >So getting close, just missing Daylight savings. > >This is the setting you should have in your OS/2 config.sys. >SET TZ=EST-10EDT,10,-1,0,7200,3,-1,0,7200,3600 > >Cheers >Ian B Manners >http://www.os2site dot com/ > > >"I like the idea of democracy. You have to have someone everyone >distrusts," said Brutha. "That way, everyone's happy." > > ----------------------------------------------------------------------------------