PDA

View Full Version : Evidence WinXP "security updates" may break Linux



Harry Kuhman
04-28-2003, 07:47 PM
I have another topic in this forum titled "Knoppix using NatSemi DP83815 stopped working". However, I now think I have enough information that this should be called to the attention of more users, so I'm posting under a title that will attract the attention of more users than those who know they use the NS DP83815 based NIC.

If you are a WinXP user and you have a NIC card or built-in nic that has an eeprom that holds configuration information (not all do), then you may have found that you can no longer connect to the network when you run Knoppix. I would be interested in any feedback from other users in these areas:

Do you also run WinXP, and if so have you downloaded the "security updates"?

Does Knoppix fail to connect to the network for you? Did it connect previously? What NIC (network interface) do you have and do you know if it contains EEPROM?

Did your connection stop working when you installed recent WinXP "security updates"?

From what I'm learning, if you have a NIC with EEPROM for configuration on it and have installed the WinXP "security updates" recently, you may no longer be able to connect to the network with Knoppix, although WinXP clearly overrides the new settings and connects fine.

There is a work-around for this. See the other thread for the details. Please post back any and all experiences; we need to track this down if it really is a case of the "security updates" breaking your computer so that it can no longer properly run Linux.

And if anyone has an XP system, and a nic with eeprom, and has not yet installed the security updates, it would be extremely helpful if you can determine the current EEPROM contents (tools at http://www.scyld.com/diag/index.html )and then install the "updates" and see what happens to your ability to connect to the network with Knoppix. (Keep the data before you run the "upgrade" and you will be able to reset the eeprom to it's correct values.)

Striker2002
04-29-2003, 01:20 AM
What you just described is exactly the problem that I am having. I have a LinkSys EtherFast 10/100 NIC, which is connected to my Westell Wirespeed DSL modem (PPPoE). When I first got Knoppix I had a great time learning to use it that I nearly stopped using Windows 98. A few weeks later, the "Oh-So-Dangerous" security issue with all versions of Windows arrived, and I downloaded the update. I really did not use Knoppix until a week later, but when I finally did, the ADSL/PPPoE Configuration Utility did not work with my modem anymore. Well now I know why. DAMN YOU BILL GATES!!!!!!!

Harry Kuhman
04-29-2003, 01:40 AM
.
A few weeks later, the "Oh-So-Dangerous" security issue with all versions of Windows arrived, and I downloaded the update.

Can you tell us exactly which update this might be? Unfortunately, my XP system was new and there were a lot of XP updates at the same time. I do run 98se on another system, but never take M$ "security updates" for that. Knowing which update it is might be another important step in reproducing this on demand and getting the word out on what this company is doing and hopefully holding them responsiable for it.

And thanks for spelling out which network card was affected, that may help as well.

Striker2002
04-29-2003, 02:17 AM
The most recent security update I installed for Windows 98 is http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS02-050.asp

I am pretty sure that this is the one.

Striker2002
04-29-2003, 02:25 AM
Holding Microsoft responsible won't do anything anyways. When they set out to undermine their competitors, they usually succeed (hence the Sun Microsystems case with the JVM). I'm not worried about holding them responsible, I only hope that I can undo what the update has already done so I can get my ADSL/PPPoE connection working again in Knoppix.

Harry Kuhman
04-29-2003, 03:51 AM
Thanks for the additional info. For what it's worth, the Linksys card you have does have eeprom for configuration on it, on the card I checked it's a tiny 8 pin 93c46 inside the footprint of the boot rom socket. You may have a lot better results getting the original settings from Linksys than I'm having getting them from HP for my nic (unfortunately, different chip set so your settings would not help me). While you're talking to them, try to learn if there are seeing a lot of reports of this problem in the last month or two. They might even be interested in what is causing it.

Striker2002
04-29-2003, 02:40 PM
I just called the LinkSys tech support number and the person on the phone really didn't help me too much. She had me reinstall the drivers for my EtherFast LNETX100 lan card. Now how would that help? Do you know of any way I could reset the settings my self?

Harry Kuhman
04-29-2003, 03:43 PM
Do you know of any way I could reset the settings my self?

Sorry, I'm still working on that myself for my HP notebook nic. One approach I might tak involves getting my hands on another notebook, which presents it's own problems. This might ne less of an issue with an inexpensive nic card. I'm also wondering if I can set the card to something that works without knowing the original settings, but still need to do some tests before I can post on that (it may be a little while, I have a deadline on another project fast approaching). If you want to experiment on your own, see mii-tool that is on the knoppix CD and mii-diag at http://www.scyld.com/diag/index.html and let us know if you do make progress.

Striker2002
04-29-2003, 07:15 PM
Here's some extra info in case anyone knows how to fix this issue. I do successfully get through the ADSL/PPPoE Configuration process and the connection supposedly gets triggered. However it isn't because I can't view any web pages or ping any ip.



root@ttyp0[knoppix]# ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:20:78:0E:3A:73
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:45 errors:0 dropped:0 overruns:0 frame:0
TX packets:105 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:2708 (2.6 KiB) TX bytes:6328 (6.1 KiB)
Interrupt:9 Base address:0x1000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:40 errors:0 dropped:0 overruns:0 frame:0
TX packets:40 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2800 (2.7 KiB) TX bytes:2800 (2.7 KiB)

ppp0 Link encap:Point-to-Point Protocol
POINTOPOINT NOARP MULTICAST MTU:1492 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

root@ttyp1[floppy]# /mnt/floppy/mii-diag
Using the default interface 'eth0'.
Basic registers of MII PHY #1: 1000 7869 0022 5410 01e1 0021 0004 2001.
Basic mode control register 0x1000: Auto-negotiation enabled.
Basic mode status register 0x7869 ... 786d.
Link status: previously broken, but now reestablished.
Your link partner is generating 10baseT link beat (no autonegotiation).
End of basic transceiver information.

root@ttyp1[sbin]# mii-tool
eth0: no autonegotiation, 10baseT-HD, link ok

aay
04-29-2003, 09:17 PM
Harry,

Thanks so much for following up on this issue. I've been away from my computer for a couple of day's so I haven't checked the other post. Even though I don't have one of these cards this seems like a really important issue to me. It really pisses me off that MS is able to do this to people. Are eeprom cards becoming more prevelant? Are there many of them on the market now? Perhaps it would be helpful to link to a list of eeprom based cards. I did a bit of searching on google and was unable to come up with anything so maybe we need to start compiling our own list and make it available in the docs section. We have at least two cards to put on the list at this point! Thanks again for doing your homework on this one and sharing the info with others.

Harry Kuhman
04-29-2003, 09:48 PM
aay,

A quick check shows that all of the spare 10/100 cards I have do have a configuration eeprom. That includes a Linksys LNE100tx, a D-Link DFE-530TX, and even a Belkin (I think it's number is 10/100BT). I believe the NICs in my PC's also have them (except for an old ISA system with a 10 megabit inteface) and the one in my new HP notebook certainly does. The eeprom is generally a small 8 pin chip, placed on all of my 10/100 nics inside the bootrom socket footprint. If you can read the tiny number on an 8 pin chip on your card, a quick search for that number on Google should confirm that it is an eeprom. Yes, eeprom memory seems to be quite common.

A quick update: I just checked a 10 megabit PCI D-link card I have (DE-528CT) and it also has an EEPROM on it. Not in the bootrom footprint this time, but the part number is very clearly 93lc46, which is an eeprom. My expectation is that it will be hard to find a new nic without an eeprom; that might be an easier list to build!

It's pretty telling that my notebook NIC, which used to work fine for both Knoppix and WinXP, now fails for Knoppix, and I can confirm with mii-diag that some of the settings in the eeprom are simply illogical and will keep the card from functioning in it's current configuration. It's also pretty telling that Windows overrides the eeprom settings, while Linux takes the normal course of action and assumes that the card would be configured the way the manufacturer or owner wants it.

So far, this forum is the only place I'm seeing confirmation of this. That makes some sense, as Knoppix users are likely to be also booting Windows on the same system, while users with another Linux distro are less likely to be dual boot users (although it certainly does happen). Also, suspecting that Windows deliberately broke your hardware isn't the first thing one trying to get Linux networking going is likely to do. I would still like to get some additional feedback, and when I have enough information to consider this strong proof, take the information to other forums. I don't think we should take too long on this however, as equipment is being dammage every day. Much of this is equipment that likely would never run Linux, but now Bill Gates and his horde seem to have insured that.

Obviously, once the problem is fully understood, Linux driver writers can override the eeprom configuration just as Windows does. This is a pretty sad "fix" though, giving up the option to configure all of those NICs in eeprom just because someone deliberately screwed with them, but it may be needed. Unfortunately, this will take some time to happen, and in the meantime Microsoft (allegedly) will have made it much harder for people to switch to Linux.

aay
04-30-2003, 04:08 PM
Good points. I'm hoping that others can corroborate and give additional information on this issue so that we can get further verification and then get it some broader publicity.

deadmule
05-01-2003, 10:30 PM
Harry, ...thanks for starting the post.

I have a netgear fa311 with same DP83815 on it. I was succesfully using Knoppix 3.1 for a few weeks , in fact the first time I booted it found all my hardware and the adsl config tool work like a charm. I have XpPro on the system. As of the middle of last week I can no longer connect and have exhibited the exact symptoms described. I don't really recall updating security but I do have media player nine. I DL'd Knoppix 3.2 thinking something was just plain weird but alas 3.2 does the same as 3.1

I have another pci network card (hp) but haven't been able to get knoppix to "see" it. I have been unable to use your work around succesfully yet, still trying......

I had hoped to add to the solution but it only looks like I'll add a tale of woe.

DeadMule

Ironi
05-04-2003, 09:36 PM
I have two working DP83815 cards (and only a broken installation of Windows 98 on the box along with Debian). If you guys can figure out what EEPROM settings you need, I'll gladly post them.

I'm interested in this XP "security update" issue too. I have XP on my desktop (SiS900 onboard NIC), but I've disabled auto-updates and haven't updated it.

Sitting Bull
05-09-2003, 09:44 PM
Hi,

I'm using Win2000 ...
... and Knoppix directly from CdRom

I have an 3com Etherlink NIC with EEPROM and 3 ports (BNC UTP AUI)

However I think my problem is different : At Knoppix Boot the NIC is detected working but DHCP doesn't work. Probably because the wrong Port is used per default. When I remove after boot the NIC-driver and add it again by specifying the correct port-number, the network is working. Saving and using config from diskette doesn't help.

In my opinion, my problem isn't related to the two other postings

Kind regards

SB

Junior G.
05-11-2003, 01:28 AM
Hello everyone,
This is very intriguing... (Warning: This is a very long post, so please grab a cuppa and bear with me!)
I had been using Debian successfully on one of my PCs until recently when I re-formatted my hard drive and installed Windows XP (The wife couldn't get used to Linux, so had to go back to Windows). My plan was to then install Debian on this PC as a Dual Boot. I found that after the Debian installation, I could never connect to the Internet. I asked several times on different forums if they knew why, but didn't get very far, so I decided to call it quit and try a different distribution. I then came accross Mandrake 9.0 and RedHat 8, but these distros had the same effect. For some reason, my NICs (the machine has to cards) stopped working out of a sudden. I never suspected it had something to do with my Windows XP installation because this was working like a charm - WinXP was connecting me to the Internet with no problem whatsoever.
As nothing I tried really worked and I was getting fed up of re-installing and re-configuring the cards, I made one last attempt to get the problem fixed before giving up. By chance I found a reference to Knoppix 3.2 on the web and decided to download this disk and give it a try as I liked the fact that I could boot it up without installing it on the hard drive (this would speed up my troubleshooting). So I burned my ISO image to disk and booted my PC up with this CD - about 2 minutes later I was presented with KDE. I was ready to go.
I configured my NICs using the Knoppix Tool under the KDE menu (KDE Menu/Knopix/Network & Internet/Network Card Configuration) and then tried connecting to the Internet - you should have seen my face when I saw www.google.com open up in Konqueror!!. I was very pleased. So my cards were working OK again (or where they?). I decided to make a permanent installation of Knoppix and was going to install it on the hard drive and Dual Boot Knoppix and WinXP on this PC. I started the installation on one of the Virtual Shells (Ctrl+Alt+F2) while I played around with the CD version. The installation completed smoothly (though a bit slow) and everything was set up OK (including my network cards).
I rebooted my PC after the installation and then went back to a Shell Screen and ran the command: "apt-get update" but guess what?!!, apt-get came back with an error that it could not resolve the address specified (an FTP address) to download the security updates. I just didn't know what to do - what has changed?! all I did was install (copy the contents of the CD to the hard disk) Knoppix to the Hard Disk. All settings are identical!!
So, I went back to the CD and voila!, I was connected - I tried again from the hard disk and noway Jose!!!!
So, I'm getting a bit suspicious that maybe it has something to do with the Windows XP installation, but don't want to say it yet, so what I did is take my son's PC which had Windows 98SE on it and re-format it. I then made a clean install of Knoppix to the hard drive and to my surprise I connected to the Internet successfully - OK, success but this is completely new hardware (different net cards) so I have to make sure that is not the cards that have the problem. I again clean up the hard drive and make a clean install of Windows XP (NO SECURITY UPDATES!!) I configure the NICs and connect to the Internet OK. I then boot up Knoppix from the CD and connect to the net OK as well (now the moment of truth!). I once again wipe out everything on the hard disk and install Knoppix to it. I configure my NICs and everything else and try the Internet = MICRO$OFT SUCKS!!!
I was unable to connect to the Internet anymore!!! (I was very pissed off!)
So, Micro$oft has done something to its software so that hardware configuration is changed (to its advantage!). I went to Google looking for information to see if someone else was having this problem and that's when I found this post! (I'm sorry I've posted such a long thread!, I just felt like I needed to document everything and let off some steam at the same time! - I just can't believe that Micro$oft can be so cruel!)

Anyway, the types of NICs on the PCs where I tried the installations are...
MY Computer:
Silicon Integrated Systems (SIS) 900-based 10/100 Ethernet (Integrated NIC)
3Com Comporation 3c905C-TX/TX-M (Tornado chip)

My son's Computer:
Lite-On Communications Inc. LNE100TX (Kingston Technologies - Tulip chip)
Digital Equipment Corporation DECchip 21140 - FasterNet (Kingston Technologies KNE100TX - Tulip chip)

OK guys, I hope this info is of help for you - again apologies for the long long post!

Regards,

Junior

aay
05-11-2003, 03:28 AM
It's possible that you might be having the same problems that Harry has documented, but whe you say:


...then tried connecting to the Internet - you should have seen my face when I saw www.google.com open up in Konqueror!!.

and


So, I went back to the CD and voila!, I was connected - I tried again from the hard disk and noway Jose!!!!

This tends to make me think it's something else. As far as I know, Harry was unable to get his networking running by any meas (even with the cd) after making the XP security updates. So unless you're running a different version of Knoppix than Harry was using (I think there has been one update since he made his post) and that somehow fixes the problem (which I wouldn't think so), I think it has to be something else. I still wouldn't put it past MS though!!!

Hopefully some other people will be able to shed some light on this.

Don't feel bad at all for a long post.

Take care,

Adam

Stephen
05-11-2003, 04:54 AM
So, I went back to the CD and voila!, I was connected - I tried again from the hard disk and noway Jose!!!!

This tends to make me think it's something else.
Adam

If you installed with using dhcp for the network card connection I'd check in /etc/network/interfaces and make sure the proper entry was created.

Junior G.
05-11-2003, 11:07 AM
Hi Adam, Stephen,
I at first also though it was something else, but as I went along I found that it definetely has something to do with MS.
I found it strange as well that I could connect using the CD Version (I have Knoppix 3.2 - I see that Harry tried both Knoppix 3.1 and 3.2) but could not connect after installing to my Hard Disk. Something is written to the disk after the installation that the CD Version bypasses (At least on my PCs). Please remember that I had 2 working Linux PCs before installing Windows XP (even without Security Updates!). As soon as I installed Windows XP on these PCs, Linux will not connect to the Internet when installed on the Hard Disk - one thing I can do though, is browse my local LAN. I can see my PCs on the local LAN using Samba, but as soon as I try an external address, it just fails!.
I have checked my cards with "ifconfig -a" and I also see errors in the RX Packets and Carrier fields the same as Harry. I have downloaded the mii-diag utility from the Internet as suggested by Harry and will compile it and run it today to see if I can find something else out (I have tried the fix Harry suggests in his other Post but with no success)

I shall let you know the outcome!

Regards,

Junior

Junior G.
05-11-2003, 04:15 PM
Hello guys,
Just to let you know that I have no doubt in my mind Micro$oft is out to kill Linux!! - I am posting this thread from my son's PC after changing the net cards on it with an old Samsung SC200TX card that I had lying around. This card uses the same Tulip architecture (DECchip 21140) found in the Kingston cards. This card has not seen MS software for a long time (I think I used it once with Windows NT) so it still holds the factory settings, but I'm sure that if I install Windows XP now and then try connecting with Linux, I would not be able to connect.
I am now trying to figure out how to re-configure my other NICs to their original settings (NICs using the DECchip 21140 chip do have EEPROM!)
I have ran the mii-diag utility, but have not figured out what everything means. I also downloaded a Tulip Diagnostic Tool which I can use to change some EEPROM settings but don't know how to use it yet.

If anyone has used mii-diag or tulip-diag and could tell me how to use it to retrieve my EEPROM configuration from my now working card so I can re-configure my non-working cards, I would very much appreciate it.

Thanks for listening!

Junior

PS: MS sucks!!

Harry Kuhman
05-11-2003, 09:57 PM
I have two working DP83815 cards (and only a broken installation of Windows 98 on the box along with Debian). If you guys can figure out what EEPROM settings you need, I'll gladly post them.

I'm interested in this XP "security update" issue too. I have XP on my desktop (SiS900 onboard NIC), but I've disabled auto-updates and haven't updated it.


Ironi,

Sorry for the delay in getting back to you, I had mentioned here that I was going to be tied up for a while. I'm back now and will have more time to dedicate to this issue.

I'll respond to your post, then post what else I have in a separate post. There is a tool called natsemi-diag at http://www.scyld.com/diag/ that seems to access the information I need. You would need to download it and compile it (which involves remounting the HD that Knoppix opens in read only mode). Compile instructions are at the end of the file, compiles with Knoppix fine. Then run it from a shell with the sudo command:
"sudo natsemi-diag -ee". Sometimes I need the full path rather than the simple name, some times I do not; I'm enough of a Linux newbie that I don't know why yet, but if you give the full path for the name it should work. The -ee switch seems to be the information I need, but I wouldn't mind having the information that is given out with the -aa and the -mm switches too.

Thanks much for your help.

Harry Kuhman
05-11-2003, 10:04 PM
I configured my NICs using the Knoppix Tool under the KDE menu (KDE Menu/Knopix/Network & Internet/Network Card Configuration) and then tried connecting to the Internet - you should have seen my face when I saw www.google.com open up in Konqueror!!.


Junior,

Thanks. This is interesting. I didn't have to configure my NIC at all; it just worked fine after booting the CD. But then stopped after I ran the "security update".

There seem to be a lot of subtle differences in NIC configuration, though, so this isn't really a big surprise. I'm hard pressed to understand why anything would be different after installing Knoppix to hard disk, please let us know if you learn any more.

Harry Kuhman
05-11-2003, 10:23 PM
I had hoped to be able to post the results of a test someone with some software tools for watching the nic eeprom was going to do, but don't have any information on that yet. Will post when I get it.

I did test Knoppix on another friend's system. I expected it to fail as he is running Xp will all of the current updates, but he was able to connect to the Internet with Knoppix just fine! However, he has a NIC that I haven't tracked down any information on yet, so it could well be that his chip set doesn't even do eeprom configuration. Again, will post if I find out more.

By the way, a follow-up to a question that aay asked about which nics have eeprom: Apparently all do, as it has become the way of choice for manufacturers to store the unique MAC address into a mass produced nic. That is not to say that all also use the eeprom to store configuration information, but as it is there for the MAC address, many if not most seem to take advantage of it for this too.

There is a new release of Knoppix available dated 3-May-03. This release has a new software tool called ethtool. I have not yet fully learned what this tool can tell me, but running "sudo ethtool eth0" from a shell I see that my misbehaving nic seems to now be configured as a half duplex 10 mbps nic with negotiation turned off. This in itself would not be enough to keep it for connecting to my Linksys switch (I've used the switch with some old half duplex 10 mbps cards and it works fine) but it certainly isn't the way the card should be configured; another confirmation that the configuration information has been changed.

Here's something strange to report: I have also tried a Knoppix based distribution called Morphix (the Game version, 0.3-5.iso) and , as expected, it couldn't connect to the switch or the 'net either. However, my "sudo mii-tool -r" and "netcardconfig" trick does NOT seem to work with Morphix as it does with Knoppix to get the network back up. I don't yet understand this and it seems very strange since Morphix is said to be Knoppix based. IF anyone has more insight on this it would be welcome.

Ironi
05-16-2003, 12:21 PM
Hey Harry, we seem to have a latency problem. :) I forgot to check back sooner - sorry. Here's the relevant portion of the EEPROM of my two NetGear FA311 cards (National Semiconductor Corporation DP83815 (MacPhyter)).

Edited to remove (what I think is a) MAC address... 'x' is not a valid hexadecimal value.

Common to both cards:


Rx filter index 6 is 0000
Rx filter index 8 is 0000
Rx filter index 10 is 0000
Rx filter index 12 is 0000
Rx filter index 14 is 0000
EEPROM address length 6.
EEPROM contents:
0x000: 1385 f311 0b34 41f3 0000 0000 0000 8xx0
0x008: xxxx xxxx 1915 xxxx ffff ffff ffff ffff
0x010: ffff ffff ffff ffff ffff ffff ffff ffff
0x018: ffff ffff ffff ffff ffff ffff ffff ffff
0x020: ffff ffff ffff ffff ffff ffff ffff ffff
0x028: ffff ffff ffff ffff ffff ffff ffff ffff
0x030: ffff ffff ffff ffff ffff ffff ffff ffff
0x038: ffff ffff ffff ffff ffff ffff ffff ffff
Decoded EEPROM contents:
PCI Subsystem IDs -- Vendor 0x1385, Device 0xf311.
PCI timer settings -- minimum grant 11, maximum latency 52.
Wake-On-LAN password 00:00:00:00:00:00.

MAC precedes 1915; checksum is immediately after 1915. I'm not sure what '8xx0' (xx = different on both cards) is on line 0x000 - part of the MAC maybe?

Hope that helps.

Harry Kuhman
05-16-2003, 05:40 PM
Ironi,

Thanks, I'll try to see how that matches up with my eeprom later today. I do see one thing different; my eeprom has some of the bytes near the end filled in (non-ff values), But as I only looked at it after the M$ "update", that could well be something that M$ did too.

I'm still trying to get a hard and fast confirmation that M$ security updates change these values. Interested in sacrificing one of your cards for the cause (since you now have the original settings you should be able to reset them if need be)? If you're running XP then I would suggest just taking all updates and see if the eeprom is changed. If Win98 then Striker2002 posted a link to the update that he thinks is at least one source of the problem in the 4th message in this topic.

Harry Kuhman
05-17-2003, 03:15 AM
Ironi,

I've had a chance to compare my eeprom setting with yours, so far the information isn't very telling:
The first two items, the Vendor and Device ID's are, naturally, different. This was expected, even though they use the same chip, so no clues here. The next two blocks, 0b34 and 41f3 match, as do the three sets of 0000. Not sure how you figured out that the mac address follows; my contents don't directly match my mac address anywhere in all of that data, but I guess it could be scrambeled for some strange reason. Since the natsemi-diag does determine the mac address, it must know how to descramble it and exactly where it is stored. Guess my next step is to pick through the code to determine if or if not this is really the mac address. I'll post back either way when I know. That leaves the block of data you have as 1915. I have a 1905 there. This single bit could be the difference, but I have doubts; will need to determine what it is trying to do to configure the chip, but at least it gives me something to focus on.

Other feedback on this topic seems to have died down. I believe that while it seems extremely likely that the M$ "security update" is the cause of this problem, it's far from proved. More feedback from anyone and everyone that has anything to contribute to this would still be very welcome.

Ironi
05-18-2003, 08:23 PM
Ironi,
I'm still trying to get a hard and fast confirmation that M$ security updates change these values. Interested in sacrificing one of your cards for the cause (since you now have the original settings you should be able to reset them if need be)?

Perhaps, if I knew how to restore the original EEPROM settings.



If you're running XP then I would suggest just taking all updates and see if the eeprom is changed. If Win98 then Striker2002 posted a link to the update that he thinks is at least one source of the problem in the 4th message in this topic.

I've got Windows 98 on the box, but it's broken (won't even boot)... I suppose I could install XP, but I don't really want to.

Harry Kuhman
05-18-2003, 11:36 PM
Perhaps, if I knew how to restore the original EEPROM settings.

Well, first of all let me say clearly that I have not done this yet myself (I haven't figured out yet exactly what the setting should be in my HP notebook NIC). But the same place you got the diag that you used to read the rom, http://www.scyld.com/diag/index.html, says that -w (or in same cases -w -w ) can be used to write the values back to the eeprom. -w is listed as an option "implimented in all diagnostic programs". I'm not certain of the exact syntax of this command, but the factor stopping me from resolving it is that I don't yet have a full pre-update set of values.

If you're looking at a built-in nic in a notebook, then I would say use caution rather than experimenting. But if (I thought this was the case) your nics are separate cards, then the worst that should happen is a card could get changed. NIC cards are cheap (for example, you can get one free after rebate this week at OfficeMax, so you're just out sales tax and a stamp). Between that and the likelyhood that the setting can be recorded and restorded should make it worth doing to prove if the update is really the source of the problem (and if something else is changing these NICs rather than M$ "security updates" we really need to know that.

stevethayne
05-24-2003, 03:49 PM
More fuel to the fire...the spare network card I had been successfully using for Knoppix, and retained for Knoppix only, I had to start using for XP. (long story...I messed up my XP settings somehow - can't reinstall the original network card.) Had refused any security updates from XP, as far as I know. But this spare card now no longer works for Knoppix. Interesting. Surely Microsoft can't be actively modifying the eeproms of all cards, or all that have accessed the net through Knoppix, to stop them accessing the web. Looks I'm becoming one of those weird conspiracy theorists....which way Roswell people....?! :)

stevethayne
05-25-2003, 09:30 PM
This is a continuation of the previous post for me really - just to say that Morphix now connects me to the net fine, whereas the Knoppix cd that did last night, did not this am, with no intervening use of anything else - tried it again after switching off the modem. Anyway, selfishly, I have a net connection with Linux, so am happy - but still curious as to what the issues are.

Henk Poley
05-27-2003, 01:50 PM
I've had strange problems with my networkcard on Morphix (but not on Knoppix) when I did a warm reboot from Win98.

Harry Kuhman
05-28-2003, 10:12 PM
For anyone who missed it (mentioned here in another less read thread), Microsoft has pulled a "Windows Security Update" that was just released last Friday (long after this topic showed up here) because it was breaking networking on some systems. I can't help but wonder if it wasn't more of the kind of thing we have been seeing, but this time affected their own systems too. The story is at: http://news.yahoo.com/news?tmpl=story2&cid=528&u=/ap/20030527/ap_on_hi_te/microsoft_bug&printer=1

I have been working with ethtool to try to understand why my NIC no longer starts up properly under KNoppix when it did six weeks ago. Using the command to dump the register settings I can see a number of registers are changed between when I first start and after I reset the nic with mii-tool. It still looks like an auto-negotiation issue to me, but it certainly could be that something else is keeping the auto-negotiation from happening (I do have some doubts about it being auto-negotiation because I can't rationalize how I can still receive packets with the unreset nic at 10 mbs, I just can't send packets with it). I'm posting the differences below (not all the register settings, which are much more detailed) in case they will help anyone else working on this or on the chance that someone can look at them and give me a better idea of what is going wrong. It's still a little long, but shouldn't be a problem unless you print this forum to read later:

Difference in register settings as reported by ethtool
between non-functional network and reset working network.
Not all regeister and not all decoded bits for shown registers
are listed here, mainly only differences in the register
values are shown.

After windows security update on power up (network not working):

Mac/BIU Registers
-----------------
0x00: CR (Command): 0x00000000
Receive Idle
0x04: CFG (Configuration): 0x8005e000
Auto-Negotiation Not Done
Half Duplex
10 Mb/s
0x10: ISR (Interrupt Status): 0x00018000
High Bits Error Interrupt: Active
Rx Status FIFO Overrun Interrupt: Active
0x18: IER (Interrupt Enable): 0x00000000
Interrupts Disabled
0x20: TXDP (Tx Descriptor Pointer): 0x19405260
0x24: TXCFG (Tx Config): 0x10f01002
Heartbeat Ignore Disabled
Carrier Sense Ignore Disabled
0x30: RXDP (Rx Descriptor Pointer): 0x00000000
0x34: RXCFG (Rx Config): 0x00700020
Tx Packets Rejected
0x3c: CCSR (CLKRUN Control/Status): 0x00008100
Power Management Enabled
0x40: WCSR (Wake-on-LAN Control/Status): 0x0000000a
0x44: PCR (Pause Control/Status): 0x00200000
Pause Negotiated
0x50: BRAR (Boot ROM Address): 0xffff0004
0x5c: MIBC (Mgmt Info Base Control): 0x00000002
Counters Frozen
0xe4: PHYCR (Phy Control): 0x00bf
Pause Compatible with Link Partner

Internal Phy Registers
----------------------
0x80: BMCR (Basic Mode Control): 0x0080
Auto-Negotiation Disabled
0x84: BMSR (Basic Mode Status): 0x784d
Auto-Negotiation Not Complete
0x90: ANAR (Autoneg Advertising): 0x05e1
Protocol Selector = 0x01 (1)
Advertising 10Base-T Half Duplex
Advertising 10Base-T Full Duplex
Advertising 100Base-TX Half Duplex
Advertising 100Base-TX Full Duplex
Advertising Pause
0xc0: PHYSTS (Phy Status): 0x0003
Link Up
10 Mb/s
Half Duplex
Auto-Negotiation Not Complete

'Magic' Phy Registers
---------------------
0xe4: PMDCSR: 0x109c
0xf4: DSPCFG: 0x5040
0xf8: SDCFG: 0x088c
0xfc: TSTDAT: 0x0000


After mii-tool -r and netcardconfig (network working):

Mac/BIU Registers
-----------------
0x00: CR (Command): 0x00000004
Receive Active
0x04: CFG (Configuration): 0xe805e000
Auto-Negotiation Done
Full Duplex
100 Mb/s
0x10: ISR (Interrupt Status): 0x00000000
No Interrupts Active
0x18: IER (Interrupt Enable): 0x00000001
Interrupts Enabled
0x20: TXDP (Tx Descriptor Pointer): 0x116d3280
0x24: TXCFG (Tx Config): 0xd0f01002
Heartbeat Ignore Enabled
Carrier Sense Ignore Enabled
0x30: RXDP (Rx Descriptor Pointer): 0x116d30d0
0x34: RXCFG (Rx Config): 0x10700020
Tx Packets Accepted
0x3c: CCSR (CLKRUN Control/Status): 0x00008000
Power Management Disabled
0x40: WCSR (Wake-on-LAN Control/Status): 0x0200000a
Broadcast Packet Received
0x44: PCR (Pause Control/Status): 0x00000000
Pause Not Negotiated
0x50: BRAR (Boot ROM Address): 0xffff0010
0x5c: MIBC (Mgmt Info Base Control): 0x00000000

Internal Phy Registers
----------------------
0x80: BMCR (Basic Mode Control): 0x1000
Auto-Negotiation Enabled
0x84: BMSR (Basic Mode Status): 0x786d
Auto-Negotiation Complete
0x90: ANAR (Autoneg Advertising): 0x0181
Protocol Selector = 0x01 (1)
Advertising 100Base-TX Half Duplex
Advertising 100Base-TX Full Duplex
0xc0: PHYSTS (Phy Status): 0x0615
Link Up
100 Mb/s
Full Duplex
Auto-Negotiation Complete
0xe4: PHYCR (Phy Control): 0x003f
Not Pause Compatible with Link Partner

'Magic' Phy Registers
---------------------
0xe4: PMDCSR: 0x189c
0xf4: DSPCFG: 0x5040 <-(only this register not changed)
0xf8: SDCFG: 0x108c
0xfc: TSTDAT: 0x0024



[/b]

JSearles
05-29-2003, 12:16 PM
Harry, thanks for being such a bulldog on this issue. I have been following it for just about a week. I just found out about Knoppix about 10 days ago. When I got my copy in the mail, I went straight to an old 98 PC. In less than 2 minutes I was on the internet via a wireless nic. To say that I am impressed is a gross understatement. If I were in M$ shoes, I would be very concerned. This is entirely too easy.

I said all of that to say that getting to the bottom of this issue is extremely important to me because of an upcoming project that could be incredibly simplified with Knoppix, but most of my users have XP home. I have a Dell XP ,Pro box with an Intel 8255x NIC that I really need to use Knoppix on, but am terrified. I have several computers in varying configurations and even more NIC cards that I could put at the disposal of this project if it would help. It seems though that you have already done a thorough job of rooting out the core issue. Now finding a solution is the key.

I am not a Linux techie, but I follow directions well. I have spent all of my professional life in the "M$atrix". Being welcomed into the "Real World" has been both a shock and a welcome relief.

Let me know if I can help.

Harry Kuhman
05-30-2003, 08:53 AM
Let me know if I can help.

One thing you and everyone else can do to help, and this may very well help you a lot more than it helps me, is to record as much information as you can for your NIC now while it is still working. I've been using the card specific tools found at http://www.scyld.com/diag/ and I suggest starting there. Get the utility for your NIC, compile it, and save the register settings (-e and -ee options). I would suggest piping this and any other output you can get from the program to a text file on the hard drive for later reference. If I had this information for my new expensive notebook NIC I expect I could restore it to working, as it is I need to use a few commands to get things going each time I boot (at least they work, some users report they don't work for them).

There is also a utility called ethtool that has been in Knoppix since the 3-May-03 release. If you have an older version, I suggest upgrading. ethtool will print out some very detailed register information, and well as claiming to print out eeprom info. Unfortunately, in my case the eeprom info does not match what the nic specific diagnostic reported, and it looks like ethtool is wrong, but at this point I would still reecord any and all information I could get ethtool to pump out about the NIC.

Hopefully you will not see the problem and will not need the information, but it's far better to get it now than curse not having it later like I'm doing. (You've been warned, I wasn't). It would have been very handy to the cause if "KMAN" had recorded this, if his problem posted tonight turns out to be the same problem.

And of course, if you do see a loss of the ability to connect on the network, try to write down everything you know you did to the system since it last connected to the network with Knoppix. This includes any bootable CDs including other versions of Knoppix or other bootable Linux versions, and anything booted from your hard disk. If you can remember anything you ran or did on-line, make a note of it. Try to ping any other local system you might have, or if you have no local network record an ip address of a close machine at your ISP and try to ping that. If the ping fails, look for and report any error messages you are seeing on your network connection.


Another thing I would appreciate if you or anyone else can do is search as many Linux forums and news groups as you can looking for other indications that people are seeing this. If it is really what I think it is there should be lots of traffic about it, but I have looked and I'm not finding that. Maybe I'm just doing a bad job of searching, would like to know. On the other hand, it wouldn't affect anyone except dual boot people (users replacing Windows with Linux might find that their nic doesn't work, but only dual boot people can know it worked yesterday and not today, and only CD boot people will be certain that their Linux wasn't changed), so users like Knoppix users are more likely to be experiencing the problem than Linux users at large if it is related to something another OS does.

kingarthur
05-30-2003, 01:51 PM
Hi folks,

perhaps I haven't spent enough time to go through all posts but enough to realize that networking connection is a real (and most important!) problem with Knoppix HD install...
I have installed on separate HD's Win95 and the Knoppix ISO-3.2 in order to keep the win harddisk untouched as well as practice a bit.
Sad as it is, I have gone nuts to work around my networking problem only to realize that this is common: booting up from CD everithing is OK; after installing on HD, internet browsing is gone.
By the way, this is important, I am using dial-up connection hence no relation with NIC eproms.... Sorry to disappoint a lot of you :-)
Nothing to do also with XP security issue as well as good old Bill Gates....
Any comments out there?
:roll:
Pieter

stevethayne
05-30-2003, 07:39 PM
Harry (and others)
Have used 3 of the 4 versions of Morphix. Each of them connected to the net fine on first try. Each of them failed to connect on a subsequent immediate boot without having booted into Windows first. Went back to a new cd of Knoppix (newer version), connected fine to the net. I left it running for 2 days - net connection maintained fine. Rebooted today, could not get a connect to the net - again without having first booted into windows. I genuinely don't understand this. Could Knoppix and it's variants
be relying on something present on the network after a windows boot that isn't there after a knoppix boot and connect? Could my provider be actively blocking Knoppix connections once they're identified as such? Any ideas?

Harry Kuhman
05-30-2003, 07:51 PM
Harry (and others)
Have used 3 of the 4 versions of Morphix. Each of them connected to the net fine on first try. Each of them failed to connect on a subsequent immediate boot without having booted into Windows first. Went back to a new cd of Knoppix (newer version), connected fine to the net. I left it running for 2 days - net connection maintained fine. Rebooted today, could not get a connect to the net - again without having first booted into windows. I genuinely don't understand this. Could Knoppix and it's variants
be relying on something present on the network after a windows boot that isn't there after a knoppix boot and connect? Could my provider be actively blocking Knoppix connections once they're identified as such? Any ideas?
This is pretty much the opposite of the problem I've been tracking here (you might even want to start a new thread on it).

I think we need more details on your setup before we can come up with good theories. How do you "connect to the net? DSL? Cable modem? Do you have a router, hub or any sort of local network? Can you ping local machines and just not get to the internet or is all networking down? How do you log in to your network connection (if you do at all)? By something in Windows and Knoppix or by a setup in a DSL router like the Linksys? (I'm wondering if Windows is logging in OK but Knoppix isn't) Are you even connecting through eth0 or through something else like a modem? If eth0 then please tell us what you get when you fail and then run ifconfig eth0 and run any other diags you can and see if there is a clue as well.

kingarthur
05-30-2003, 10:37 PM
To Harry and Steve and all others....
I can't see myself as a Linux guru (far, far from that) :roll: however after 19 years of computing and a full one devoted to Debian/Linux on several ports I tell you boys, this is the strangest thing I have ever seen so far...
The last few days I have been posting also on the Italian-Debian ML to find out a solution but nothing so far.
At least, here I found a kind of reassuring learning that I am not fighting alone on this issue.... :-)

I have been trying very hard on getting this machine to work testing with the network and changing everything I could possibly think of so far with my (limited) means: Dialup connection works fine, I can ping into my ISP but that's about all I can. Tried several different modems, internal external, still nothing apparently changes.
I also tried NAT forwarding through other UNIX but also this doesn't seem to work even though I can browse the local (home) web server ????
So it seems to affect all NICs at least on my set-up.
To give you the full picture, my windows95 is installed on a (slave) ide hard disk as I wanted to keep everithing untouched on this HD which used to be the Master before I got my hands on it and added another HD fully devoted to Knoppix...
I find it very difficult to see any relation with this problem and Microsoft unless they manage to install a anti-linux virus world wide... :-)
Please let me know if I am the only one having this problem apparently not related to Windows...
However, better would be getting a solution for it as this is a friend's PC which I wanted to turn to Linux.... :-(
Bye for now
Pieter

zipster
06-02-2003, 06:02 PM
WEll, add me to this list I guess. For a few weeks I have been telling my friends that I have somehow broken Knoppix"Crazy" they called me. Here is my story.
I run XP Home on my HP laptop - with the same National Semi DP83815 lan card. I had enjoyed knoppix so much that I took the dive partitioned my HD and installed it, I couldnt connect after that, so off I went to find out that one has to turn-on networking in debian by default, ok, did so and went out on the net and happily apt-getted (apt-got?). So after a few days of regular use I boot into Windows and nothing, no net at all. Hmm.. Boot up knoppix, no net either. Well, lots of places to jack in so I try different cable and a new port into windows, nothing. Then back to knoppix, back to windows, windows once more - finally! Boot 4 on windows gets me to the net, knoppix never does. the mii-tool -r netcardconfig trick works for me(as you would expect)
So, not meaning to troll here but I have yet to see this mentioned. Could it be knoppix? As I understand it, this is Debian unstable, and it booted and ran just fine, until after the apt-get update ran. I find it odd that some of the posters have run into this issue with windows 98 and xp systems not set to auto-update. I used an older knoppix (which sadly I cannot recall which one - certainly pre-May) to installl from and I am curious if this isnt the issue. Again - dont get me wrong, I dislike 'ol Bill as much as the next linux hacker, but this does seem to be sort of an odd ranging problem.
So then, I guess the question is what knoppix are you using?? I will try to find all the old downloads and burn/boot and post the results back here. I truely like this distro, and would love to see it back on my laptop (BTW - Mandrake 9.1, which I dumped on there - sees the net just fine) so I will let you know what I find.

-Penguinly Yours
-Zipster

stevethayne
06-02-2003, 06:30 PM
Hi Harry,

I connect through a cable modem (Surfboard it says on the box!) there's no login to the broadband service. Knoppix and Morphix find both ethernet cards on my system, eth 0 and eth 1, and I connect through one of these. There's no local network, it's a standalone computer. Will keep trying with Knoppix, and try to find more info re ifconfig. My plan is also to install another ethernet card (I had two identical, part of a phone networking kit) and try to use Knoppix through that. What I need though is really idiot proof instructions as to how to compare the eeprom settings and anything else on the 2 cards, so that if the previously unused one works, we can see why - can anyone help with this?

Thanks,

Steve.

Stephen
06-02-2003, 06:44 PM
Could it be knoppix?
-Zipster

I don't see how it could be knoppix I have been using it for months and have never had a problem and I update the system at least once every day. So it is not knoppix (debian) causing any problem with network cards both my machines here work even better than they did when using windows to access the net.



I find it odd that some of the posters have run into this issue with windows 98 and xp systems not set to auto-update.

The really odd thing is all the troubles seem to be with machines that have linux and windows on a machine that has access to the internet even if it is "not" ?? using auto-updating. My machines have been free of the Micro-infestation since early last year and as I have already said work perfectly. So windows is the common factor and Microsoft has in the past used techniques (broken the law) to cripple other software makers products so that's the first place I would look for the source of the trouble.

Harry Kuhman
06-02-2003, 07:27 PM
So, not meaning to troll here but I have yet to see this mentioned. Could it be knoppix? As I understand it, this is Debian unstable, and it booted and ran just fine, until after the apt-get update ran. I find it odd that some of the posters have run into this issue with windows 98 and xp systems not set to auto-update. I used an older knoppix (which sadly I cannot recall which one - certainly pre-May) to installl from and I am curious if this isnt the issue.
I don't think you're trolling at all; I think it's an important question to ask.

In my case I think it was one of two things that did this. I ran XP's windows update for the first time on my new HP notebook, and I also used Knoppix 3.2. I had been running Knoppix 3.1 fine for a couple of weeks without any problem. I'm just not certain if I ever ran 3.2 and also accessed the network sucessfully. I think I did, but I'm not 100% certain. After the XP windows "security update" I again ran Knoppix 3.2 and this was the first time I saw the network access problem. I went back to 3.1, but it also would not work.

I think it's worth mentioning here that I never did any "app gets" under Knoppix, never installed to my hard drive, and never used the network under Knoppix for anything other than web browsing and checking e-mail.

After a lot of digging I find that the configuration for the nic is now wrong. It's not a surprise that software that defaults to using it as configured fails, and Knoppix (both 3.2 and 3.1) apparently does this. Windows, on the other hand, obviously ignores the eeprom settings that are now wrong and configures the nic to work fine.

In addition to Microsoft's outright declairation of war on Linux, I have to wonder why any OS would not use the default configuration found in a nic eeprom. The whole purpose of this is eeprom is to let a manufacturer or advanced user configure the nic for what they consider optimum results. There is no reason to think these setting are bad unless you know someone is deliberately making them bad, so why override them? Plus, Microsoft has a long history of suck tricks, including software changes designed to hurt Java, Netscape, and others going back at least to DR DOS. This would be the first time to my knowledge that they harmed users hardware, but what other way could they use their software to affect Linux (given that they already have tools in place on the web that work against any non-IE browser and that isn't enough in their fight against Linux).

It is not a proven fact yet that M$ is doing this. Collectiing information is the reason for this thread. But I'm not seeing reports of a Linux only user who suddenly has the problem, only users who are also running Windows.

Yes, there can well be problems when you first install Knoppix to a hard drive. We have to look at those reports and ty to understand what happened in each case. But I don't see an indication that Knoppix is causing this as a trend; that trend seems to be reserved for Windows.

While I did run the "security update", you say that you did not when this happened to you. But M$ may have more than one way to skin a cat .... err penguin. You are aware, for example, are you not, that Media Player can report home any time and get instructions from Microsoft to do anything they want it to do? They actually have wording in the fine print of the licensing agreement that says you give them the right to disable any other software on you machine for any reason! This can certainly include other software that you have bought or free open source software that you have downloaded. There are also some "security updates" that they flag as critical, and don't bother to ask if you want to install.

But could this be some eeprom change that happened by accident from Knoppix? It seems unlikely for another reason. Not only does the eeprom change is a way that normally keeps the NIC from running properly, but the MAC address does not change, and the checksum for the eeprom is correctly set to a new checksum to match the new bogus settings. It strikes me that this has to be a pretty deliberate act to set the checksum corectly to it's new value.

Still, it's well worth asking, and the reason I worded this thread topic as I did. I think we need to have solid proof of this, and then go very public about it, whatever the cause.

Harry Kuhman
06-02-2003, 08:00 PM
My plan is also to install another ethernet card (I had two identical, part of a phone networking kit) and try to use Knoppix through that. What I need though is really idiot proof instructions as to how to compare the eeprom settings and anything else on the 2 cards, so that if the previously unused one works, we can see why - can anyone help with this?


I pretty much ahve to give you the instructions I have laid out in detail in these threads already. Please go back and read through the previous posts, it should give you all the information you need. without knowing exactly what network cards you have and what chips are on them I can't tell you the exact diafnostic program to run anyway. But I think I''ve documented the steps I took and would ask others to take pretty clearly. Please read over them, think through what you are going to do, and ask any questions now before you start if something isn't clear.

What I would suggest:
Now, before you go to the new NIC, look at http://www.scyld.com/diag/index.html and download (from windows) the proper diagnostic utility for your NIC.
You'll need to compile this under Knoppix. Again, you can do this now, before your new NIC is installed and at risk. You boot Knoppix, open a shell, mount the hard drive as writeablle. and use the command line at the end of the file. You should be able to run the diag on your now bad nic before you switch to the new one. If any diag complains you need to be root to run it, just add " sudo " at the front of the command line.
Having done this should give you a good feeling that you are ready to swap nics. I would also record all of the information I can get from the diag for your card and from ethtool (in any knoppix since 3-May-03) for your old card, it will be very handy in comparing these values to the new uncorrupted card. If you have any questions when you get to this point ask again before you sawp the nics.


Then I would suggest then swapping Nics.

Do NOT run Windows with the new Nic before you take the next steps: Boot knoppix. See if you can get to the Internet (I just click the Knoppix link in the browser window that opens). Mount your hard drive as writeable (so you can easily pipe the output of the diagnostics to a file) and run the diagnostic you compiled, and ethtool, and collect all of the register and eeprom information that you can. Look at how the eeprom differs from the other NIC (obviously the MAC address and checksum will be different, but what else was changed?). And keep a record of these eeprom values. If your new Nic is changed again by something it will be very informative to return the Nic to it's proper state and see if it keeps happening.

PLEASE let us know how this goes. Ask questions and I or someone else will try to answer them. I do understand your wish for idiot proof instructions, I'm very greem with Linux myself and sometimes need to spend extra time with a man page for something that should be obvious to most Linux users. But there is no such thing as completely idiot proof, and I don't want to start writing instructions that begin with "make sure the computer is plugged in and connected to the monitor", and yes, I have taken support calls where these were the problems. If you've gotten this far you can likely do this with the information that has been posted so far, and it will be a very important contribution to this research (as well as getting your own system up and running again, and give you the tools to keep it up and running from what is changing the Nic to keep you from running Knoppix).

stevethayne
06-02-2003, 09:14 PM
Hi Harry,
My intention was to install the "new" ethernet card in the spare slot on my pc, and to have both the "old" and "new" ones in the system at the same time. That way I can just swap the cable from one to the other, to see if one is working after the other is not(after reboot of course). Plan to do this tomorrow uk time...got a day off...:) and am dog tired now. Thanks for your help, will let you know how I get on.

Steve.

Harry Kuhman
06-02-2003, 10:20 PM
My intention was to install the "new" ethernet card in the spare slot on my pc, and to have both the "old" and "new" ones in the system at the same time.

You should be able to do this, assuming, of course, your plug-and-pray bios likes the two nics and such. Knoppix should be pretty good about finding and using eth1 if that's where the ethernet is connected too (my experience, your results may vary). Give it a try, you can always yank the old card if there is a problem. I would still stress that you should lay the ground work and get the diagnostic you will use, compile it, and test it with the old card before you install the new card. Record all of the information you can.

I would also record the MAC address for the old card. You're going to have two of the same brand and model nic in the system, and you have no right to expect that eth0 will be the old one and eth1 will be the new one, it could well be the other way around. You'll need the MAC address to be sure which card is assigned eth0 from Knoppix. And it might not be the same card that Windows sees as the first ethernet card. I would also consider putting a mark along the top of one of the cards with a permanent marker so that I could tell them apart a month from now. In my case I would mark the old, now misconfigured, card with a black marker, but mark one in some way that you will be able to remember which one you marked (don't just put a mark on one and then try to remember later "Which on did I put this mark on, the new or the old?")

Good luck and please lkeep us current on your progress.

stevethayne
06-08-2003, 03:11 AM
Hi Harry, and others
No joy in getting a connection to the net with the alternative network card. Had to wait 24 hours for the mac address to be registered with my provider. But then got no connection to the net through it, despite not having previously used the card with windows xp. I guess that doesn't disprove the windows xp connection, but it does add to the confusion for me. I wonder if father Knopper himself is aware of the difficulties we've been having....:) Maybe he (or others) can write in a fix to the auto detect.

Harry Kuhman
06-08-2003, 05:36 AM
No joy in getting a connection to the net with the alternative network card. Had to wait 24 hours for the mac address to be registered with my provider. But then got no connection to the net through it, despite not having previously used the card with windows xp.

The 24 hour wait is a killer. Will make it unlikely that you'll be able to swap cables on the NICs as you said you planned to do.

I would suggest that you might want to look into a DSL/Cable router link the Linksys. They are dirt cheap now and will avoid this problem for you, as well as providing an extra level of firewall protection and form the start of a local network for you. Thiis switch/router, and others like it that I have seen, allow you to "clone" the MAC address of the card that the cable company already knows about, and present that MAC address to the cable company. Of course, on the local side of the router it uses it's own MAC address and talks to your NIC with that MAC address just fine. In this case it would greatly help issolate the problem too. If your local network does not work then, the problem is certainly not with the cable company; if the local network works fine then you could well have an issue with the cable company.

Have you been able to learn anything about why the new NIC does not work? What types of errors are you seeing? Have you tried manually setting up the NIC rather than using DHCP? What step do you want to take next?

stevethayne
06-08-2003, 12:57 PM
Hi Harry,
I'm writing this via a suse live connection. Having read another post, thought I'd try it, and it has connected to the net fine. Not sure what it does differently, but like you said in a nearlier post, it's no surprise that some live cds get around the problem in the same way that xp does.
The 24 hour wait was to have an additional mac address registered with the cable company. (they let me have registered at any one time). I tried to work out what the problem was. Again, my technical knowledge is limited here. But I tried writing down the settings from windows (from ipconfig /all) and replicating them in Morphix via sudo ethconfig (or something similar gleaned from a forum post!) Interestingly, the settings were quite different in Morphix. The IP address was different, though I think this is normal, that I don't have a static IP address with my cable connection. The gateway also seemed to be different. And the Host (I'm doing this from memory - might not have this exactly right) which I think should have been www.blueyonder.co.uk - this field was blank under Morphix. Also, when I tried using another Network config tool in Morphix, I was told that they were unable to get a response, which they said might be because the cable was unplugged, or because another process was in the way. (Got similar info from Knoppix)

Hope this helps - sorry it's all a bit vague. Will let you know if Suse live has problems connecting on subsequent boots. I far prefer Knoppix, so am hoping someone can combine Suse's workaround with Knoppix....:)

Harry Kuhman
06-08-2003, 10:39 PM
Interestingly, the settings were quite different in Morphix.
Yea. I don't understand what has been done with Morphix. I thought it was to be pretty much a Knoppix distro with the appliications changed for a specific use. I got the 35 version of the "game" release, it had the same problem with my now misconfigured NIC that Knoppix does, but sudo mii-tool -r doesn't seem to correct it the way it does in Knoppix. They were nice enough to keep around the mii-tool command, as well as netcardconfig, but something has been changed so that it doesn't help. Wish I knew what, this might be another piece in the puzzle. If anyone knows what has been changed, please post back here. (And please post why it was changed if you know that too.)

By the way, the .35 game release of Morphix is OK as far as it goes, but they didn't fill the CD and there seem to be a number of games that could have been included that were not. Some games in the menu just don't seem to work though, like the Unreal Tournament 2003 demo (which seems strange for a live CD). With Knoppix removing games to make room for other things, Morphix is a nice project though, and I hope future releases have more games and less that don't run, and I sure hope I can figure out why I can't get my network interface working the same way I can get it working in Knoppix.

Harry Kuhman
06-10-2003, 09:56 AM
I just came across something very strange with my NIC problem - and something that might help others who are having NIC problems but can't get the sudo mii-tool -r trick to work.

First of all, I just found this with the June 6 2003 release of Knoppix, but did some tests on my older version (5-16-03) and found it worked there as well. Have not checked with proir versions, but it likely works with them too.

I just got Knoppix working on my HP notebook with the NIC that used to work but stopped working after I installed XP security updates! Here's what happened: I booted Knoppix. Normally I just hit return at the boot prompt, but this time I typed in expert. I typed an n to all six of the optiions I was asked to allow me to reconfigure devices or load extra stuff. I would have expected that giving an n in each case would be just the same as taking the default boot, but somehow something is different - when I boot this way my NIC works properly without having to reset it with mii-tool!

I have no theory at all on what could be different in the boot process. I don't even have a good idea where to look next. It's a pain to boot this way, almost easier to just do a default boot and then run the two commands I use to get the network back. But it seems like there could be some important information on what is going on here if anyone has enough Linux network experience to figure out why the system is different if booted this way.

And yes, I have confirmed that the problem still exists with the 6-6-03 release if booted without the expert option.

Those others who have lost their ability to connect to the network at all when booting Knoppix might want to try booting this way and see if it helps you too. Pleae report back both sucess and failure so we can all continue to track this problem.

And if anyone has any thoughts on what I should look for on my system to help figure out why booting this way changes the way the network is started, please share them with me.

zipster
06-10-2003, 08:25 PM
Harry -n- All

Thought I would add my latest experiment to the pile of confusion. I got my hands on an old PII 333 that had only ever seen Win98. Booted the old 3.1 10-22-02 release of knoppix, saw the net just fine, I then installed it, changed the Debian network dongles, and it saw the net just fine, ran it for a bout a week, no issues. I then installed the 5-20-03 knoppix - now not only cannot it see the net, it wont even acknowledge that it has a NIC! mii-tool, and netcardconfig all give no eth0 errors. I am going to try to reinstall 10-22-02 to see what happens.

P.S. this may be my own ignorance but one of the errors I get is something to the effect of "Ignoring lo=lo" now I know that it has to do with the iface file in etc/network ...but any help here?

-Zipster

Harry Kuhman
06-10-2003, 10:13 PM
.... I then installed the 5-20-03 knoppix - now not only cannot it see the net, it wont even acknowledge that it has a NIC! mii-tool, and netcardconfig all give no eth0 errors. I am going to try to reinstall 10-22-02 to see what happens.
This is interesting, although I'm not sure what it might tell us. My initial sucess with Knoppix and the Internet was also with version 3.1. As I've mentioned before, I don't know if I ever got a good internet connection when I booted v3.2 or not; I did boot 3.2 before the problem and think I went to the Internet with it, but I'm not 100% certain.

Your symptom sure seems to be different than mine, no longer being able to even see the NIC! I haven't installed to hard disk, so that is a big difference too. I would suggest the following: Before you reinstall, try booting 3.1 from the CD and see if it still can connect to the internet. If it can then there is likely something wrong with the hard disk install. But if you can't connect to the network from the CD that used to work, then there's nothing to be gained by reinatalling everything to hard disk again.

I'm guessing that you didn't record your NIC's eeprom values while the system was still working, since you didn't mention that. But by chance did you? It would give an excelent way to compair them to what they are now and confirm that the eeprom is being changed. You might also want to get the diagnostic for your card from Scyld (http://www.scyld.com/diag/index.html). The diagnostic might still be able to see the card even though the rest of Linux does not (if you're lucky). Also, at least the one diagnostic I looked at has an "emergency eeprom reset" option (look in the source code itself, I didn't see mention of it in the documentation but if you read the source code it might be there). If you can dump your eeprom with the Scyld diagnostic and/or with ethtool, please do so before you do any emergency eeprom rewrite, and if you do an emergency rewrite please let us know if it helped and if so what the new values for the eeprom are.

zipster
06-13-2003, 12:00 AM
Harry-

(best Paul Harvey voice) And now, for the rest of the story ....

(a quick clarify -
mii-tool, and netcardconfig all give no eth0 errors - means "No eth0 card detected errors" not "no erros with the NIC :) )

So, I boot up the old gal under 3.1 ...and nothing , no net cant get it to even see the card .... so I have another hany - and I switch them out and boot under 3.1 ...still nothing...boot from HD under 3.2 ...nothing ....finally I install Mandrake 9.1 ... and it goes to auto detect the card on install, fails - asks me to manualy tell it what it is (never seen mandrake do this, kinda odd) - and then it corrects me as I have chosen the wrong card.. I finish the install and on rebbot it takes a long, long time at the DCHP part, but comes up and sees the network fine. Hmm. So I ( irritated) slot the 3.2 disk into the WinXP (up to date patch wise) machine next to that one, boots fine sees the net, but I just tried 3.2 again in that same windows machine...no dice...I have 34 Win XP machines all ghosted to the same thing....should I try to get eeprom readings ( how again in xp?) and post them?

-Zipster

guylan
06-15-2003, 03:10 PM
I did not give M$ the permission to modify MY HARDWARE!!!
How dare them!!!
If we can prove that one of their patches and which patchi it was that changed the bios of our cards then we should be able to win this in a court of law easy.

I am not a M$ basher but there are limits to what a company should be allowed to do in the name of profit.

Dave

garyng
06-15-2003, 04:05 PM
I did not give M$ the permission to modify MY HARDWARE!!!
How dare them!!!
If we can prove that one of their patches and which patchi it was that changed the bios of our cards then we should be able to win this in a court of law easy.

I am not a M$ basher but there are limits to what a company should be allowed to do in the name of profit.

Dave

I doubt you can win. With their shear financial strength, they would have everything covered, somewhere in that user agreement when you install XP. You allowed them to install something on your machine which already means modifying your hardware. I can't see the difference between modifying the content of a harddisk and flash, be it bios or NIC. The only chance you can win is to prove that they do it deliberately for the purpose of not allowing other OS to function, but that is very very hard.

guylan
06-15-2003, 06:10 PM
Probably true...garyng.

Although I can not figure out any reason for them making this mod other than to disable linux from running on this machine on a network.

btw we still do not have any fix for this atm? do we?
I am running an HP laptop with that National Semiconductor NIC.

thanks again
Dave

Harry Kuhman
06-15-2003, 07:25 PM
btw we still do not have any fix for this atm? do we?
I am running an HP laptop with that National Semiconductor NIC.


The two fixes I have that each seem to work for me on the HP notebook with the NatSemi NIC are:

1) Boot. Confirm failure. Open a shell. type sudo mii-tool -r. type netcardconfig and reconfigure the card with either DHCP or put in your expected values. I can then access the network fine.

2) Boot Knoppix, put in the expert option at boot time. Answer n to all boot questions, particularly the first one (do not let the system auto-probe for scsi devices). Knoppix starts for me with the network working. I don't know what effect not running autoprobe is really having. Clearly I have no scsi devices but I might be impacting my ability to write CDs. Not a big issue since I'm running Knoppix from CD and have only 1 drive on the system.

Any insight on why this second "fix" seems to work would be welcome. I've confirmed it back through my oldest Knoppix CD, V 3.1 8-August-02, which did work in the past when booting with the default options, not expert.

garyng
06-16-2003, 04:27 AM
does NOSCSI(i.e. no scsi probing) always work ? If that is the case, I believe it is more like a bug, well MS may be partially responsibile for exposing, causing it.

BTW, noscsi on a machine without SCSI controller won't hurt and everything would work just fine including CD-burning etc. It is only a flag for loading/not loading SCSI controller drivers.

Harry Kuhman
06-16-2003, 05:22 AM
does NOSCSI(i.e. no scsi probing) always work ?

Well, not sure what always means and I didn't know about the noscsi command. Expert always worked for me with the all n response options every time I tried it, but that has been perhaps 20 total. It failed the few times I did it with a return for autoprobe in the first response. The sudo mii-tool -r and netcardconfig trick always works for me (under Knoppix, but curiously not under Morphix) and I've done that a lot more.

knoppix noscsi worked for me too. always? Well, so far I've tried it once and it worked once, so at least that's 100% if not always.


Yes, it certainly could be that there is some flaw in Knoppix or Linux, but this exact same computer worked fine with Knoppix (at least with v 3.1 and I think but am not certain with v 3.2) for several weeks before it suddenly stopped working. The CDRs did not change, and I even had several 3.1 CDRs that I went back and tested this with. So in some way something else has changed. If you have an HP notebook too then you know the BIOS is pretty brain dead, there is not much there to affect this. Just to be sure I've tested it with different boot orders and with USB legacy support both off and on, but in all cases I fail to connect to the network unless I do one of the work arounds I've given you. Something external to the Knoppix CD is contributing to this. Also there are others who seem to be seeing the same thing I did, their CD booted and connected to the network for them fine, but then it stopped doing so. I'm still trying to get some hard proof (Someone at a major networking company supposedly has a Windows program that will watch the contents of the NIC eeprom and generate a debug interupt the instant it is written to, but my contact there has only gotten a commitment that some thest will be run; no results, positive or negative, yet).


What are your results? Is the HP notebook failing for you? Did it ever work, and when did you first try Knoppix on it? Do the work-arounds work for you?

By the way, there is a third potential fix that I forgot to mention, since I have not tried it. If you get the diagnostic for the National Semiconductor chip at Scyld (http://www.scyld.com/diag/atlantic.html), you'll find that the diagnostic has an emergency eeprom reset function. I don't think it's mentioned in the documentation for the program, but if you read the source code it is there. This just might resolve the problem completely (or would be even more interesting if it resolved the program until the next time Windows or Windows security updates were run). Wanta do an experiment?

stevethayne
06-17-2003, 05:40 PM
Hi Harry,
The booting in expert mode does not work for me, even when typing n each time. Will try and fiddle with the boot order in the bios in case it helps, but not convinced it will.
Steve.

zipster
06-26-2003, 10:43 PM
The noscsi thing works for me....untill I install knoppix to the HD, then it fails and even the mii-tool thing wont save it. :?

-Zip


....ah-ha!

but the -

ifconfig eth0 up
netcardconfig

thing worked like a charm ... though mii-tool -r (or -R) still complains. Now to reinstall it onthe laptop ... hmmm :D

hacker66868
07-07-2003, 05:22 PM
if your data is so important that you need 'security updates' from win XP, then go to win 2000.

brokenbrainedphil
07-12-2003, 08:26 PM
:shock:

Try this...
Windows XP takes over the PCI bus in your machine, and essentially "REBOOTS" The pci bridge, after doing this, it assigns a new MAC address to the nic card so:

UNPLUG YOUR ADSL from power......
then plug it back in after 20 seconds or so to reset the MAC lock in the ADSL modem

Same problem with Roadrunner

after resetting the MAC lock, start knoppix

DONOT RUN WINXP before knoppix

but the other way round

then you will find that for 1 session internet will not function in windows XP

Harry Kuhman
07-12-2003, 11:14 PM
Try this...
Windows XP takes over the PCI bus in your machine, and essentially "REBOOTS" The pci bridge, after doing this, it assigns a new MAC address to the nic card so:

UNPLUG YOUR ADSL from power......
then plug it back in after 20 seconds or so to reset the MAC lock in the ADSL modem

Same problem with Roadrunner

after resetting the MAC lock, start knoppix

DONOT RUN WINXP before knoppix

but the other way round

then you will find that for 1 session internet will not function in windows XP

I don't know how various cable boxes deal with mac addresses, and would like to have more information on how that works, but it is certainly not what I'm seeing. I connect to my DSL modem through a NAT DSL router. Previously I was using a standard Linksys 4 port router, I'm now using an SMC wireless router(with the Knoppix connection still coming in through a wired port) . Each logs into the ISP via PPoE and then shares the connection to all attached devices. The connection to each fails in the same way. I know I'm not having a MAC address issue for all of the following reasons:

My MAC address for the failing system has not changed - it is still showing the same MAC address it did before. Yes, I recorded it.
The Router logs into the ISP and it's mac address has not changed.
It's not a problem of getting to the ISP or to the DSL modem; I can't even get to other local computers or to the router itself unless I do one of the work arounds, and if I do the work arounds things work fine with the same MAC address.

All indications are still that the eeprom configuration information has been changed, but not the MAC address. It would be an interesting speculation, but it seems to have been presented more as a fact than speculation, and it is certainly not what is actually happening in my case. If you can really confirm that Windows ever changes a MAC address you should document this and give a good explination of how you know, including old and new settings. If it's just speculation, say so. But I have never seen the MAC address change, and my configuration would catch it. Each new MAC address on my system gets a new internal IP address (DHCP has been set up with a non-expiring lease), and I constantly see the same MAC address and IP address on the noteboot if it boots Xp or Knoppix.

les
08-01-2003, 07:19 PM
This topic does seem to be going around in circles doesn't it. Are any of the developers behind Knoppix actually investigating this?

I have a cable modem connection with a dynamic ip address. I run XP and have not accepted updates for sometime yet Knoppix wont connect to the internet at all, none of the suggestions posted here work.

If you're certain Microsoft updates are responsible - why haven't you identiified which update is causing the problem?

I think you're chasing shadows here - I'm fed up with waiting for a solution, Morphix and Suse both work fine so I'll use them.

Spanky
11-12-2003, 04:35 AM
I'm running Knoppix (I downloaded the latest version, so I guess it's 3.2?) from CD. My computer is running Windows XP, set to autoupdate with the Windows Update site. It's a Compaq notebook (which would mean that it's quite similar to a HP, no?) Originally I was having the problem where it would recognize the ethernet card as eth0 just fine, but wouldn't be able to connect via DHCP. So, I got all my information from XP for manual configuration... DNS, gateway, all that stuff. But when I used the workaround that I think Harry suggested where I select expert configuration, and choose no for all the options, I booted up and internet works fine (I'm typing this, aren't I?) So I just wanted to let you know. It might actually be a series of different problems resulting in the same error that everyone is experiencing. My next option if this workaround didn't work was to try and manually get the DHCP working, or else just configure everything manually if need be.

Is there any way I can save this configuration instead of having to go through expert boot and selecting no every time? Thanks.

windos_no_thanks
01-03-2004, 01:23 PM
And if anyone has an XP system, and a nic with eeprom, and has not yet installed the security updates, it would be extremely helpful if you can determine the current EEPROM contents (tools at http://www.scyld.com/diag/index.html )and then install the "updates" and see what happens to your ability to connect to the network with Knoppix. (Keep the data before you run the "upgrade" and you will be able to reset the eeprom to it's correct values.)

Hmm, you got me interested but none of the tools you point at compile the way the author suggests on my machine. (Knoppix 3.3 hard disk install)
Got any hints on how you got them compiled ?

A. Jorge Garcia
01-03-2004, 01:44 PM
My dual boot machine has WIMxP on hda1. I've always been a little leary of all these online update alerts all the time. Couldn't someone hack that so it looks like a M$ Windoze update but its really something more malicious (as if you could get more malicious than M$). I mean, WIMxP security isn't all its cracked-up to be as it is, now I'm supposed to trust their online updates security???

So, I haven't downloaded or installed any of their updates in months. KNOPPIX is still happy on this machine.

Regards,

Harry Kuhman
01-03-2004, 04:39 PM
Hmm, you got me interested but none of the tools you point at compile the way the author suggests on my machine. (Knoppix 3.3 hard disk install)
Got any hints on how you got them compiled ?

Sorry for the delay in responding to this, the website didn't e-mail me of the response.

I don't know what the problem in compiling as unstructed is, but I can tell you that I compiled them with Knoppix even without a hard disk install. Of course, I had to remount the target drive as read/write, since CD knoppix mounts it as read only. Other than that I just followed the instructions and I'm very new at Linux so if I can do it you should be able to also. There are a lot of posts about things that no longer seem to work after a hard disk install, and I don't pretend to understand all of the replies. My suggestion would be that, even though you have Knoppix installed on the hard drive, get a copy of the files you need and then reboot knoppix from the CD. Remount the partition as read/write and follow the steps given; it should work fine.

windos_no_thanks
01-03-2004, 05:06 PM
Ok, I'll give it a try later :-)
What version of Knoppix did you use ? (as this thread is pretty old I guess it could have been 3.2 something...)

Harry Kuhman
01-03-2004, 11:33 PM
Ok, I'll give it a try later :-)
What version of Knoppix did you use ? (as this thread is pretty old I guess it could have been 3.2 something...)

I did use several 3.2's and all worked fine. Did not use 3.3. But if you try 3.3 from the CD rather than the hard drive and it still fails, please post back just what failed and what message you got when it did and I'll try to duplicate it here with the current release. I'll then let you know if I saw the error or if I compiled fine, and if we both get the error when using CD I'll try to find out what is causing it.

My expectation is still that it's a HD install issue rather than a version issue; and I have not seen anything in the change lists that would seem to let 3.2 compile the code and 3.3 not.

windos_no_thanks
01-04-2004, 10:08 AM
Haven't booted from CD yet (all my machines are busy doing something at the moment :-) ) but one of my boxes is a Knoppix 3.2 HD install and it seems to compile the tools without errors. Also, after moving them to the box that failed to compile them the binaries still seem to run.
I dumped M$ way before XP so I don't have anything to test the sabotage theory with but I guess i could help out if someone who knows what his/her MAC address should be (usually printed on the box) needs to get some usable eeprom contents. Iv'e got a Netgear FA312 and a Netgear FA311.

VTBassMatt
03-12-2004, 03:22 PM
Harry, et al--

Have there been any updates in progress on this issue? Here is my sad story:

I had a dualboot Windows/Mandrake (8ish? later upgraded to 9.2) setup; both Windows and MDK could talk to the network last summer in my apartment (receiving an IP via DHCP from a network infrastructure-type router, not one of these mini-home-router jobs).

Now, in my current setup, my connection comes in via cable modem to a Linksys 4-port router and then to my onboard VIA Rhine-II Ethernet port. Windows XP (with all updates) connects just fine, receiving an IP address, able to contact the router's web-server config tools, etc.

Linux distributions, on the other hand, are unable to acquire an IP address from the router. I tried a fresh install of Mandrake, a fresh install of Slackware, Knoppix 3.2 and 3.3, and the old install of Mandrake, and none can get an IP, talk to the web-based config tools, etc. They all have the correct driver (via-rhine) loaded, but DHCP broadcast fails. Here's the catch: I was able to use the links web browser in a Gentoo pre-installation environment! The reason I didn't stick with Gentoo involved some user error in setting up the bootloader, and I didn't feel like screwing around with it any more.

I'd really like to use Knoppix/Debian and ditch my Windows partition (finally) but I gotta have my network. Here are the commands I've tried and roughly the respones I got (sorry, I'm at work and not at my home PC):

pump -i eth0: error
"Use DHCP" choice using netcardconfig: DHCP broadcast failed
mii-tool -r: error, no MII interface found

I have not tried VIA's Rhine driver (rhinefet), nor have I tried booting with "knoppix expert". Finally, I have not tried ethtool yet. I will attempt all these over the weekend; any other advice that anyone can provide would be quite helpful. Especially information about how Gentoo sets up its networking differently--as I recall, it was autodetected and I did not have to do anything manually, although that could be a mistaken recollection.

Thanks!

Harry Kuhman
03-12-2004, 04:56 PM
Harry, et al--

Have there been any updates in progress on this issue? ....

Sorry, I don't have any resolution. The person who was going to use some tools he had to monitor a new NIC in real time while Microsoft "security updates" were installed backed out due to concerns of jepordizing a business relationship. I'll admit I'm suprised so few people show an interest in this problem.

Certainly try expert mode, as we as the noapic cheat code. You posted a good deal of information, but I do have a couple of questions. I'm not clear on what the actual system is that you're seeing the problem on. If it's a desktop system (not a notebook), could you add an inexpensive NIC that has never experienced the "security updates"? Obviously have Knoppix in the drive before you do or otherwise be sure that the system never boots to Windows after the install until you can do all the Linux testing that you want to do.

Did the failure to connect to the Internet happen exacly when you changed from the old router to the Linksys? Is there any way you could get your hands on the router, or go where it is, just for a test? In my own experience I can tell you that, prior to installing the "security updates", for me Knoppix would talk to and do dhcp from a Linksys BEFSR41 V.2 router fine. I did have DHCP problems with Knoppix and a Belkin router, but that was just one of many problems I had with the Belkin router. Currently my notebook needs the work arounds with either a Linksys or an SMC wireless router attached to my DSL modem, my desktop (that has never run the security updates) boots fine to either.

While my problem with the Belkin router were DHCP failures, the problems booting the notebook now are more low level: I've sniffed the wire and can see that the NIC isn't being set up properly during it's innitial negoiation. If memory servers right the NIC is talking just fine, but isn't receiving properly. Looking at the configuration eeprom and how it can be used, this makes sense: the NIC could be in a mode where it just doesn't autonegoiate properly. For me the "sudo mii-tool -r" trick seems to reset the card and then I can talk fine, including do a dhcp negoitation. Obviously some NICs may be different, but the fact that Windows can bypass whatever has happened to your NIC configuration settings and force it to a working mode indicates that Linux should be able to do it too; although currently most (but not all) versions of Linux seem to trust that the NIC configuration is valid any use it by default.

Please keep us informed on any progress (or failure).

VTBassMatt
03-13-2004, 03:50 AM
Alright... updates (none good, it seems):

First-- this is a desktop machine. It's a beige box originally created by a local computer company but let's just say they wouldn't accept it for repairs today even if it were still under warranty :) [new HD, motherboard, RAM, graphics, and sound]

Tried booting in expert mode and answering no to all the questions. This didn't fix anything, but after seeing the questions, I'm not surprised. They were questions about my SCSI subsystem (really my ATAPI CDRW drive, but that's how kernel 2.4 handles all ATAPI CDRWs), graphics card, mouse, etc.

Have not tried the noapic cheat--too tired of dealing with this to try tonight.

I have another NIC, but I can't be sure that I didn't do some XP updates with it. It's the NIC that came with the machine (originally Windows 2000, got a new hard drive and installed XP instead); I subsequently replaced the motherboard while at my apartment this summer. The new motherboard had onboard Ethernet so I didn't bother to reinstall the PCI NIC, however, it most likely had both 2K and XP updates brought over it.

The mii-tool -r command does not work (either with sudo or in a root console). Also, very little of the ethtool commands seem to work. For instance, ethtool -e doesn't work. Only ethtool eth0 and ethtool -s eth0 seem to work at all. ethtool reports autonegotiation enabled, all four speed/duplex combinations, and that a link is detected. ifup and ifdown report that eth0 is not configured. netcardconfig still cannot do the DHCP broadcast. lspci -v seems to find the card just fine. mii-tool fails with very odd errors, almost as if the card itself is malfunctioning, but clearly it's not, as I'm posting this from my WinXP install on the same hardware.

I will try to redownload and boot from the Gentoo CD which, as you will recall, allowed me to access the net, and run similar diagnostics from it to see if I can find anything different. Thanks for keeping up with this, and if you make any breakthroughs, please let me know about them!!

Regards,
Matt

VTBassMatt
03-13-2004, 03:53 PM
In searching for that Gentoo CD (which I have not found yet), I came across this thread: http://forums.gentoo.org/viewtopic.php?t=113390. I am going to try looking in BIOS for a way to reset my onboard NIC (I don't know why this didn't occur to me earlier... probably because it works in Windows but not in Knoppix).

VTBassMatt
03-13-2004, 04:15 PM
OK, well, I need to investigate more to discover what's really going on, but the noapic cheat worked! Thanks, everyone, for looking into this, and if I can be of any more service, don't hesitate to ask. Good luck, everyone!

spatest
03-16-2004, 10:46 PM
Harry,
Seems that many out there are having a problem with this. Since there seems to many variables perhaps it would be worthwhile to put together some type of matrix to further isolate the problem area. It seems that we need some good hard data to verify and validate what is happening here. Tests should be repeatable with expected results.
I have a spare nic card and would be willing to do some testing for the cause... Your thoughts?

Todd

Harry Kuhman
03-17-2004, 08:52 AM
I have a spare nic card and would be willing to do some testing for the cause... Your thoughts?

I would be glad to see someone do some tests and hopefully duplicate the failure in a known and controled situation. While there are reports of people seeing the problem under Win98, I've only seen it under XP. I've never installed any '98 "security update", so I wouldn't expect to have seen it under '98 myself unless it was due to code that was in '98 when it was released. All indications are that it's something much newer than that. Since I don't know how to triger it in Win98, I'll hope you have XP and give my thoughts on the best way to try to duplicate this under XP.

Understand that not all NICs my be affected by this, so failure to duplicate the problem doesn't indicate much unless you use one of the cards known to be affected. Still, I think it's a great idea to try it with the card you have and try to prove the cause. Here are my suggestions:


Download and compile all of the utilities for your new NIC before you install it. see http://www.scyld.com/diag/index.html

Put the Knoppix CD in your drive befor you install the NIC, just to be sure that you don't boot XP before you get a chance to test things under Knoppix.

Install the new NIC in your desktop. Be sure to unplug the power supply from AC; don't just count on it being powered "off".

Boot into Knoppix and confirm that the NIC works (it certainly should).

Use the utilites you have to make a record of the contents of the configuration eeprom on the NIC.

You are now ready to boot XP. Do so, confirm that you can use the NIC under XP.

I would switch back to Knoppix right away and see if the NIC still works. I expect it will.

Reboot WinXP. Download and install all of the "security updates" for XP. I would love to know which update it is, but don't know any way to accept and install the updates one by one (understand that I've only ever installed the updates once, after my NIC stopped working I stopped accepting them). At this point it's far more impotrtant to confirm the problem than to ID the specific "update" anyway.

Boot Knoppix and test the NIC again.

If you have already accepted and installed some updates before you started, it could well be that the update only gets the NIC that was in the system at the time and doesn't keep checking the NIC. If this seems to be what happens, then my suggestion would be to reinstall XP fresh and have another go at the "security updates". I can understand the reluctance to do this if it would affect a lot of data and other installed programs on your system. Swapping out the hard drive and installing to a different hard drive might be an option in this case (Xp could be installed on a hard drive of a size of just a few gig for this test).

If you can duplicate the problem, the use the same tool to dump the NIC eeprom again.

Obviously, post any and all results, including the type of NIC you used.


I hope you do make some tests. Please post back whatever results you have, positive or negative. Good Luck.

whitefang
03-17-2004, 11:16 PM
Hi
First I'm not Knoppix user
Second I have not experienced XP security update bug yet.
It does not seem to me that NIC eeprom settings
have anything to do with 'security'
except for the case of 'Wake On LAN'.
I mentioned a 'Wake ON LAN Password Register' in previous posts
Another thing I've mentioned in mii-diag dumps posted
is 'RX Inderruts Disabled' - this might be another way to prevent
the machine from powering up on 'Wake Packet' arrival at the NIC
Also a good reason to be able only to transmit packets and not to receive a single frame.
It also might be that using 'noacpi' boot option would in some
cases workaround the problem(if the NIC supports WOL only if ACPI is configured, and otherwise ignores EEPROM WOL related settings)
This might be a wrong direction though.
I'll try with mii-diag,rtl8139-diag,via-diag
and installing latest XP updates, and post again later
But i think rtl8139 and via-rhine II are not affected.(just for the record of affected cards list).

chwdgr
03-26-2004, 02:02 PM
Hi!
Just noticed the XP security updates influence on NICs on this board!
Happens I just started Linux on dual boot with XP and Linux on on system and the same on a second machine withWin2k and Linux
(Linux means Knoppix 3.3 to be clear)
Had the same problem on BOTH machines:
The NIC's eeprom got mistreated supposedly by XP and Win2K:
Runs perfectly under XP/2K but Linux refuses to complete a DHCP.
Running mii-tool -r and netcardconfig temporarily works on the 2K machine (NOT on the XP machine!), but on run withWindows and its over again!

I have been looking all over the net to find links but no luck sofar!
Can NOT find another trick to get it running more comfortable....

The discussion I mentioned above was dated about a year ago.

I wonder if some clever human being found a solution for this problem in the mean time! (Either in the kernel of Linux or by means of a clever startuptool...whatever!)

(No need to say that I even had the brutality to ask BG in Redmond but
found nothing...)

Any tip???

Regards

Niels

charliet
04-15-2004, 02:31 AM
Hi folks,

Just wanted to chime in on this discussion as I find it very interesting, since I have been so impressed with Knoppix's ability to just work.

I have a desktop system running XP Home, and have access to a client's laptop running XP Pro. I ran Windows Update on both systems to get completely up to date, then put in both Knoppix 3.3 and the BitDefender Knoppix 3.4 CD. The desktop system has no problem with either CD in accessing the network, but the laptop fails with both CD's. An ifconfig reveals only the loopback address. I have not yet, and have no immediate plans to, install to HD.

Since I've heard plenty about Linux's shortcomings as far as laptops are concerned, and since I also don't know the make of the network card in the laptop (it's an IBM G40 2384-EHU, if that means anything to anyone:) ), I don't know if this sheds any light on the subject. But I can confirm that the CD works fine on the desktop with XP Home installed.

Charlie T.

Harry Kuhman
04-15-2004, 02:46 AM
.... But I can confirm that the CD works fine on the desktop with XP Home installed.

That's interesting, and it's always good to collect more information.

But it's not surprising, as there is a lot of variety in NICs out there, and a hack that affects some nics like will not affect others. We do have records in some other threads on this forum of Desktop users who have been affected. And the most significant clue to this problem still seems to be my own experience that Knoppix booted from CD worked just fine on the network under XP for several weeks, until I installed the "security updates". Now the same CD(s) fail to bring up a network connection.

garyng
04-15-2004, 09:11 AM
The XP/W2K playing with the NIC's onboard setting is very annoying especially it doesn't inform me, the user. I have a similar experience with an ancient 3C905TX. Not that it doesn't work under linux, just mii-tools has problem with it and for some distribution(like redhat), it relies on the output of mii-tool to determine if the network card is working before it does the ifconfig stuff.

I need to dig out a DOS diskette, booting into DOS and run the 3Com config utility to set things straight. This is ridiculous.

A. Jorge Garcia
04-15-2004, 01:02 PM
I never trusted the online updates anyway. What if a hacker, not the WIMPdoze team, gets access to my machine this way? No way!

Now, it turns out the hacker was actually on the WIMPdoze team. Imagine that! Are you really surprised?

I have a WIMxP Pro install CD from way back (one of the first, so it has limited updates). If I need to reinstall my better half's PC, that's what I use, but we never install updates! Yes, I still maintain a WIMxP box for the wife and kids. Just don't go there....

BTW, the kids take to KNOPPIX very quickly, especially after apt-get bzflag and freecraft (and a little nvidia tweeking)!

Regards,
AJG