Date: Fri,  4 Jun 93 04:30:08 PDT
From: Advanced Amateur Radio Networking Group <tcp-group@ucsd.edu>
Errors-To: TCP-Group-Errors@UCSD.Edu
Reply-To: TCP-Group@UCSD.Edu
Precedence: Bulk
Subject: TCP-Group Digest V93 #144
To: tcp-group-digest


TCP-Group Digest            Fri,  4 Jun 93       Volume 93 : Issue  144

Today's Topics:
             Hints for Getting & Compiling NOS base code
             IP address starting with digits ??? (2 msgs)
                          NOS - SP deadlock.
                            PMNOS (3 msgs)
              Retraction: Digits starting domain labels
                         RFC 791, IP options
                            tcpip as TSRs
              wampes under A/UX and other enhancements..

Send Replies or notes for publication to: <TCP-Group@UCSD.Edu>.
Subscription requests to <TCP-Group-REQUEST@UCSD.Edu>.
Problems you can't solve otherwise to brian@ucsd.edu.

Archives of past issues of the TCP-Group Digest are available
(by FTP only) from UCSD.Edu in directory "mailarchives".

We trust that readers are intelligent enough to realize that all text
herein consists of personal comments and does not represent the official
policies or positions of any party.  Your mileage may vary.  So there.
----------------------------------------------------------------------

Date: Thu, 3 Jun 1993 12:28:18 -0400 (EDT)
From: MIKEBW@ids.net (Mike Bilow, <MIKEBW@ids.net>)
Subject: Hints for Getting & Compiling NOS base code
To: erik@marge.phys.washington.edu, tcp-group@ucsd.edu

The "FOR" command for use in batch files is supported as of version 1.0
of MS-DOS.

-- Mike Bilow, <mikebw@ids.net>  (Internet)
   N1BEE @ WA1PHY.#EMA.MA.USA.NA (AX.25)

------------------------------

Date: Thu, 3 Jun 1993 12:17:00 -0400 (EDT)
From: MIKEBW@ids.net (Mike Bilow, <MIKEBW@ids.net>)
Subject: IP address starting with digits ???
To: J.R.Jagger@sheffield-hallam.ac.uk, tcp-group@ucsd.edu

RFC 1034 does require that each label within a domain name start with a
letter.  In the case of a domain name such as "n1bee.ampr.org" there are
three labels: "n1bee", "ampr", and "org"; each must start with a letter.

-- Mike Bilow, <mikebw@ids.net>  (Internet)
   N1BEE @ WA1PHY.#EMA.MA.USA.NA (AX.25)

------------------------------

Date: Thu, 03 Jun 1993 16:06:24 -0400
From: "Louis A. Mamakos" <louie@NI.umd.edu>
Subject: IP address starting with digits ??? 
To: MIKEBW@ids.net (Mike Bilow, <MIKEBW@ids.net>)

> RFC 1034 does require that each label within a domain name start with a
> letter.  In the case of a domain name such as "n1bee.ampr.org" there are
> three labels: "n1bee", "ampr", and "org"; each must start with a letter.

RFC 1034 is rather old at this point.  I don't believe that there is a
requirement that domain name labels begin with a letter.  Witness
3M.COM and 3COM.COM.

Now, certain applications that use the DNS may (or used to) impose
restrictions on the structure of the names, such as RFC-822.  I believe
that if you look at the host requirements RFCs, they specifically
allow the use of leading digits in domain name labels.

Louis A. Mamakos
University of Maryland, College Park
DNS weenie

------------------------------

Date: Thu, 3 Jun 1993 18:37:15 +0300 (CET-DST)
From: ARATO@IIF.KFKI.HU (Arato Andras)
Subject: NOS - SP deadlock.
To: tcp-group@ucsd.edu

Hello,

I use JNOS as an Internet  gateway. I usually login into  it
from 1200 baud  radio side with  ordinary AX25. My  favorite
terminal program is  SP5 (from  DL1MEN) so my  TNC works  in
Host mode.  I have  found the  following deadlock  situation
during heavy traffic (it is very usual in Budapest, HA :-).

   - JNOS repeating I frame  for SP because it doesn't  read
     acknowledgement from SP.

   - SP Rejects I frame from JNOS, but JNOS can not read it.

   - JNOS repeating I frame for  SP, but SP Rejects it  only
     once. JNOS exhausts its repeat count and disconnects.

Host mode firmware  repeats only twice  the I frames,  after
that it will send RR frames to test the other station.  JNOS
repeats I frame all the time.

Has anybody met this situation?

73! de Andras.

Internet: arato@iif.kfki.hu
AX25: HG5BDU@HA5OB.
 

------------------------------

Date: 03 Jun 1993 11:24:06 -0500 (EST)
From: Mike Murphree <mike.murphree@stpete.honeywell.com>
Subject: PMNOS
To: TCP-Group@UCSD.Edu

Bob,

How does PMNOS work with the OS/2 V2.1 (beta)?? I'm getting ready to
set up a BBS here, and would like to be able to do two (or was that
3 or maybe 4 things at the same time <g>).

Atlanta is not so far away, try to come down to the ARRL Digital Conference,
here in the Tampa Bay area on September 11, which is sponsored by Tampa LAN
(a.k.a. TPALAN).

 Mike, N4CNW@W4DPH.#TPA.FL.USA.NA
       or via ROSE for those on the TRILINK in Dallas, Minneapolis, or
       Chicago to name a few: 813442.
       Coming soon at: n4cnw@n4cnw.ampr.org [44.98.0.151]

------------------------------

Date: Thu, 3 Jun 1993 14:05:35 -0400
From: goldstein@carafe.pa.dec.com (k1io, FN42jk)
Subject: PMNOS
To: tcp-group@ucsd.edu

>How does PMNOS work with the OS/2 V2.1 (beta)??

I haven't beaten up on it extensively, but I did try it out and it did
seem to work.  Since my TNC is only running at 1200 bps, I didn't have
a problem with the COM drivers, so I just used the ones from the 2.1.1b
distribution.  Alternatives are available if that's a bottleneck.
   fred

------------------------------

Date: Fri, 4 Jun 1993 0:05:34 -0400 (EDT)
From: MIKEBW@ids.net (Mike Bilow, <MIKEBW@ids.net>)
Subject: PMNOS
To: mike.murphree@stpete.honeywell.com, tcp-group@ucsd.edu

FYI, OS/2 2.1 is no longer in beta.  The GA release was May 18, and the
product is shipping.

-- Mike Bilow, <mikebw@ids.net>  (Internet)
   N1BEE @ WA1PHY.#EMA.MA.USA.NA (AX.25)

------------------------------

Date: Fri, 4 Jun 1993 0:43:43 -0400 (EDT)
From: MIKEBW@ids.net (Mike Bilow, <MIKEBW@ids.net>)
Subject: Retraction: Digits starting domain labels
To: tcp-group@ucsd.edu

While it still seems to me that it would be prudent to avoid starting domain
labels with digits, I checked and found that Louie Mamakos is quite right
about there being a fair number of registered domains which begin with a
digit instead of a letter.  I decided to throw in the towel on the point
after finding a formal registration for the domain "1776.COM", the only
registered domain name which contains a label consisting exclusively of
digits.  If the NIC is willing to register something like THAT, it seems
clear that they will register anything along this line.

-- Mike Bilow, <mikebw@ids.net>  (Internet)
   N1BEE @ WA1PHY.#EMA.MA.USA.NA (AX.25)

------------------------------

Date: 4 Jun 93 10:43:37 GMT
From: Jon Jagger <J.R.Jagger@sheffield-hallam.ac.uk>
Subject: RFC 791, IP options
To: tcp-group@ucsd.edu

Hi there,
first thanks to all who replied to my query on whether
an IP address such as 2e1bsd.ampr.org was 'right and proper'.
The answer is that it is. RFC 1123, section 2.1.
This is good because UK Radio Amateur Novice License holders
get a call sign which starts with a digit, and some regional
IP address co-ordinators are apparently not giving Novices
IP addresses on the grounds that their callsign starts with a
digit. I shall pass this on.

Anyway on to today's question :)
I am planning to set up a gateway here at work. One port into
our Ethernet (and hence into JANET and then Internet), one port
to a TNC+Transceiver+ANT. I already have a member of staff with
a GB7 callsign and a NOV willing to administer it, and he assures
me that the DTI have okayed it.
My problem is that JANET conditions of use do not allow radio amateurs
to use JANET to get to the Internet. It seems some IP addresses are
more equal than others.
However if a member of staff is also a radio amateur with a 44.131.X.X
callsign, then they will have a work IP address that will allow
them to use JANET.
Still with me? :)
Right, my problem is secure access. Ordinary passwords are useless,
since anyone can eavesdrop on them.
So my first question is

Has anyone written any add-on code to NOS that will implement
secure rlogin type access? (apart from ka9q's code on ucsd which
I know about)

If not I have a scheme that may work.
Each member of staff has a tinkered version of NOS at home, that, on
start up asks them for their DES key. Every packet sent to the gateway
contains the current date:time stamp DES encrypted.
The gateway has a database of (IP address,Deskey) tuplets, and when
a packet comes in that is to go *through* the gateway, it decrypts
the date-time stamp using the des key of the original sender.
A packet gets through the gateway if

a) It decrypts to a valid date:time stamp.
AND
b) that date:time stamp is strictly LATER than the previous
   packet's date stamp (received from that IP address).

So question number 2....

Can I put the ENCRYPTED date:time stamp into the option field
of an IP packet? There's plenty of space 40 chars max, and
I think 16 would be fine, (multiples of 8 are best for the
DES code). I know that I can technically, but I don't want to
break any IP specs.
If I can't use an option then I'll just have
to prepend it to the packet data. No difference in packet
size really, it just looks like it would be slightly more messy
that way.


This DES setup would mean that every packet has a 'one-shot' password.
(You must also ensure that the sender's system clock has sufficiently
fine granularity, so that no two date:time stamps are the same. This
is easy to ensure via software).
As I see it the only problem with this is you are at the
mercy of a digipeating station, if you can't reach the gateway
in one hop, since that station can collect your passwords,
not digipeat, and then pretend to be you. Tricky I know, but never
underestimate a radio amateur.

So question number 3...

Can anyone see a secure way around this hop problem?
(Other than using source specified routing)

Lastly I am just working my way through the NOS source code,
to see where I can insert the necessary DES filters.
I'd like to only affect IP packets, so putting it
inside ip_send(), and ip_recv() seems the best place, yes ????
That way it won't affect non TCP/IP packets over ax.25.

Thanks for reading this far.
JJ
:: Jon Jagger  J.R.Jagger@shu.ac.uk
:: Sheffield Hallam University, Pond Street, SHEFFIELD S1 1WB
:: Tel 0742 533802/432889 (work/home) Fax 0743 533840
:: Newspaper ad: Men wanted for expanding contracting company!
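
Added example, not part of the original message and not NOS code: a Python model of the gateway acceptance rules (a) and (b) from the post above, with HMAC-SHA256 from the standard library standing in for the DES-encrypted stamp. It also shows one way to approach the hop problem in question 3, by making the tag cover the packet payload and adding a freshness window; the key table, address, integer clock ticks, `max_skew` and all names are constructed for illustration.

```python
import hashlib
import hmac
import struct

# Constructed key table, like the post's (IP address, key) database.
KEYS = {"44.131.0.1": b"constructed-demo-key"}
SRC = "44.131.0.1"

def _tag(key, stamp, payload):
    # Stand-in for the DES-encrypted stamp: HMAC-SHA256 cut to 8 bytes.
    msg = struct.pack(">Q", stamp) + payload
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]

def make_token(key, stamp, payload=b""):
    """16-byte token: 8-byte stamp + 8-byte tag (empty payload = stamp only)."""
    return struct.pack(">Q", stamp) + _tag(key, stamp, payload)

class Gateway:
    def __init__(self, keys, bind_payload, max_skew=30):
        self.keys, self.bind, self.max_skew = keys, bind_payload, max_skew
        self.last = {}  # source IP -> last accepted stamp

    def accept(self, src, token, payload, now):
        key = self.keys.get(src)
        if key is None or len(token) != 16:
            return False
        stamp = struct.unpack(">Q", token[:8])[0]
        want = _tag(key, stamp, payload if self.bind else b"")
        if not hmac.compare_digest(token[8:], want):  # rule (a): keyed check
            return False
        if stamp <= self.last.get(src, -1):           # rule (b): strictly later
            return False
        if abs(now - stamp) > self.max_skew:          # assumption: freshness window
            return False
        self.last[src] = stamp
        return True

def demo():
    key, out = KEYS[SRC], {}
    gw = Gateway(KEYS, bind_payload=False)        # the scheme as posted
    held = make_token(key, 1000)                  # token a relay withheld
    out["unbound_other_packet"] = gw.accept(SRC, held, b"other data", 1005)
    out["unbound_second_use"] = gw.accept(SRC, held, b"other data", 1006)
    gw = Gateway(KEYS, bind_payload=True)         # tag also covers the payload
    tok = make_token(key, 1000, b"original data")
    out["bound_other_packet"] = gw.accept(SRC, tok, b"other data", 1005)
    out["bound_original"] = gw.accept(SRC, tok, b"original data", 1005)
    out["bound_held_too_long"] = Gateway(KEYS, True).accept(SRC, tok, b"original data", 2000)
    return out
```

With the stamp-only token, a withheld token is accepted alongside a different packet; once the tag covers the payload it validates only the packet it was made for, and the freshness window limits how long it can be held.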

------------------------------

Date: Thu, 03 Jun 93 15:03:55 PDT
From: beacker@tomahawk.asd.sgi.com
Subject: tcpip as TSRs
To: tcp-group@ucsd.edu

Folks,
     I was wondering if anyone out there has done any work on trying to
take the base nos stuff and turn the functionality into a set of
communicating TSRs?  The basis for this being that we could avoid having
to rebuild the program if we wanted to change the configured in
modules?  ie we could start up the basic ip function then add the tcp
and udp modules to this, then startup a TSR that would do ftpd functions,
others could add telnetd, etc...
                  Just curious more than anything else,
                        Brad Eacker (beacker@sgi.com  KB6FED)

------------------------------

Date: Thu, 03 Jun 1993 16:13:43 -0700
From: Paul Traina <pst@cisco.com>
Subject: wampes under A/UX and other enhancements..
To: tcp-group@ucsd.edu

First off, if there is now a wampes development list,  let me know and
I'll stop sending this drivel to tcp-group.

The A/UX port is fully functional now... diffs have been sent back to
Dieter.  In addition, I just added the ax25 heard/dheard stuff and
the beacon code from jnos.

Now for my big question,  has anyone gotten WAMPES to interface with
their native networking code.  Note, I don't mean tcpgate to local
daemons on their host,  I mean passing IP packets back and forth.
That's the one thing that makes wampes unsuitable for replacing NOS at
this time (IMO).

Any insight or words of encouragement would be most welcome,  as I'd
like to bring up WAMPES on a new unix box to replace the existing PC
junk that is the Stanford gateway.

Regards,

Paul

------------------------------

End of TCP-Group Digest V93 #144
******************************