|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] Finding Linux Help
|
On Fri, Jan 21, 2000 at 09:27:38AM -0500, neodem wrote:
> Hi, I'm a new member to this list, and I'm writing today in search of some
> help and/or suggestions.
>
> In a month, I am having SDSL installed in my home and I want to administer
> the connection with a Linux server. I'm not a Linux expert by any means and
> I'm looking for someone to help me set it up properly.
If you have a FlowPoint router, and if you have multiple IP addresses,
you can do firewalling either by putting up a second Linux box as a
firewall (which I can't help you with)¸ or pay for the key unlocking
to run the FlowPoint's firewall program.
You can run all the boxes off the FlowPoint (with or without the
firewalling). Not recommended for Windows boxes unless you do have
the FlowPoint firewalling going.
>
> I have 2 Windows PC's in my home as well and want to hook them up to the
> server and be able to access the net. I also want the server to be able to
> accept dial-ups from me when I'm away.
Why the dial-ups? I think this complicates your set-up, but I'll let
others address that.
> I want the server to run Apache, an email server and other network apps. I'm
> a bit afraid of having the box up on the net all the time so I'll need to
> set up some type of security/firewall as well.
I run all those and have a running nntp port (with no inbound or
outbound feeds). I run TripWire and PortSentry. The most important
thing is to read your logs, keep up with what's going on with your
machine.
Close all services you don't need; close telnet and use ssh, close
finger and any other services you don't know much about. Make
sure your host deny file is all:all and you only allow people on the
machine who have a need to be there (smtp and http are set up
differently -- in /etc/hosts.allow, I've got an entry for sendmail
that's "sendmail: all." You'll also want to close sendmail's vrfy and
expd so people can't get the user name and try cracking the passwords.
If you're logged on remotely, check "who" periodically to see if you
have unexpected company. Check your http logs to see if anyone tried
anything weird (there are some things that look weird that are just MS
artifacts).
TripWire will tell you if any files in your core directories have
changed in the last 24 hours. Some of my files change automatically,
but I didn't set up TripWire to skip them because I also use the time
I'm logged in as root to check other things and getting the daily mail
assures me that TripWire is still running. You can probably find
programs that will mail you suspicious items out of your logs. This
can be set to send them to your work address if you're not home.
> Any help you can offer would be great. Thanks.
If you've never done this before, start with RedHat 6.1 and all the
recommended upgrades. You'll want two ethernet cards in the Linux
box, one to the FlowPoint/sdsl modem, the other to a small hub for
your Windows boxes, which will also need ethernet cards. I've never
done a Samba installation; there are other people better informed
on this than I am.
--
Rebecca Ore
http://www.ogoense.net
______________________________________________________________________
Philadelphia Linux Users Group - http://plug.nothinbut.net
Announcements - http://lists.nothinbut.net/mail/listinfo/plug-announce
General Discussion - http://lists.nothinbut.net/mail/listinfo/plug
|
|