On Thursday 23 September 2004 05:54, Nifty Hat Mitch wrote:
>On Wed, Sep 22, 2004 at 08:31:12PM -0400, Gene Heskett wrote:
>> On Wednesday 22 September 2004 19:21, Nifty Hat Mitch wrote:
>> >On Tue, Sep 21, 2004 at 10:34:23PM -0700, Kenneth Porter wrote:
>> >> --On Tuesday, September 21, 2004 11:17 AM -0400 Gene Heskett
>> >> [...]
>
>Name servers and smtp boxes are commonly hunkered down
>in some far off 'safe' location. If you run "dig" on
>the IP address you posted from I find
>
> ;; AUTHORITY SECTION:
> 88.73.153.141.in-addr.arpa. 52848 IN NS ns1.bellatlantic.net.
> 88.73.153.141.in-addr.arpa. 52848 IN NS ns2.bellatlantic.net.
>
>And then dig on those name servers:
>
> ;; AUTHORITY SECTION:
> bellatlantic.net. 13149 IN NS ns4.verizon.net.
> bellatlantic.net. 13149 IN NS ns1.bellatlantic.net.
> bellatlantic.net. 13149 IN NS ns2.verizon.net.
> bellatlantic.net. 13149 IN NS ns2.bellatlantic.net.
>
>So any three of these (ns[1234]) would be good in your
>/etc/resolv.conf. Pick ones that have the most 'different' routes
>for reliability. If you run dig on any of the dhcp assigned host
>names you are given and look at the NS records you might locate
>some closer.
>
>> 2. One would think that in 17 other machines, there would be a
>> timeserver. Obviously these twerps aren't running a thing we
>> don't scream for.
>
>Don't scream just ask.

verizon doesn't seem to hear unless you scream. :)

>In the case of NTP most router guys do not look on their
>boxes as a service resource so they never think to turn ntp
>on. As long as they route packets the other stuff is extra.

And no doubt someone will come up with a tariff rule that allows them
to charge extra for it :(

>So, In your case use these three ntp hosts.
>Yes all three.
>
> # http://www.pool.ntp.org/
> server pool.ntp.org
> server pool.ntp.org
> server pool.ntp.org
>
>> Actually, there's a 3rd question: WTF is the secondary dns doing
>> when it attempts to contact my firewall box on a high port, 32,711
>> or such as I posted last night? I sent a nastygram to both
>> postmaster and abuse at the secondary dns's name, specifically
>> requesting a reply, but in 18 hours none has been forthcoming.
>> Should I just keep beating on them till they get tired of me and
>> disconnect me, or what?
>
>Nastygrams only make support folk nasty. In this case the details
>of their network will be unknown to all but a handful. It does not
>hurt to ask but it is not worth a nastygram.

When it costs me a new router for $80+tax, it's worth a "nastygram"...

>As long as the line gets you packets in and out for the right price,
>not a problem.

That it does for the most part.

>A tool like firestarter has knowledge of common port use
>and translates to human what it can. The rest you need
>to google. As long as your firewall blocked the connection
>... who cares.

portsentry has blocked many many hack attempts. Back when I was on
dialup, I was rarely connected for long enough to get the mail
without getting hit. Those who loudly proclaim that an un-protected
windows box is owned in 20 seconds aren't being the least bit
facetious. But out of many thousands of logged attempts, no one ever
got past portsentry (that I know of) yet. And traffic indicated by
the modem's lights is exclusively generated by my activities.

>Note that traceroute will generate icmp messages back to your box.
>We can start another thread to research and discuss that topic
>(routing and icmp) if your Google efforts do not find good answers.
>
>If /etc/services does not help look at header files like these:
>
> /usr/include/netdb.h /usr/include/netinet/in.h ... etc.

I'll do a read of these, thanks.

>Programmers have done some homework on this stuff..

-- 
Cheers, Gene
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
99.26% setiathome rank, not too shabby for a WV hillbilly
Yahoo.com attorneys please note, additions to this message
by Gene Heskett are:
Copyright 2004 by Maurice Eugene Heskett, all rights reserved.