Complete.Org: Mailing Lists: Archives: linux-help: April 2002:
[linux-help] Re: Help with a good Linux reference utility?

To: linux-help@xxxxxxxxx
Subject: [linux-help] Re: Help with a good Linux reference utility?
From: Nate Bargmann <n0nb@xxxxxxxxxxxxxxxx>
Date: Sat, 20 Apr 2002 16:05:47 -0500
Reply-to: linux-help@xxxxxxxxx

* Adam M. Sennott <kryste01@xxxxxxx> [2002 Apr 20 15:32 -0500]:
> 
> 1.  What is the function of sshd, ssh daemon?

It is the server for the Secure Shell protocol.  ssh is the client which
replaces telnet as it is, well, secure.  Without sshd or telnetd running
it is very difficult for you to access your box remotely or for others
to do so as well.  If you're not running a network, I doubt you need
sshd running at all, unless you want to play with it via the localhost
network interface.  If you don't want anyone trying to log in to your
box via the Internet, disable both sshd and telnetd (as well as ftpd) or
configure a firewall on your system and block incoming access to those
ports.

> 2.  Why does the system send me mail all the time?  I get Logwatch letters
> from root@localhost.localdomain all the time telling me that sshd has
> started and been killed as well as info about sshd.

Beats me.  As I use Debian, I'm not familiar with the way RedHat does
things.  Sounds like a cron job, perhaps.  To eliminate the mail, either
reconfigure logwatch or remove it.  Your system sends you mail because
that is the default for your install, I assume.

OTOH, getting familiar with how your system works on a daily basis is a
good thing as getting a message may one day provide a tip that something
needs looked at before it becomes a more serious issue.

> 3.  What is contained in /etc/fstab?

man fstab

A textual representation of your hard drive's partitions that is used by
the mount command to attach or mount the various filesystems before you
log in.  It also holds the default access privileges for each partition
and tells mount where in the directory structure each partition should
appear.  Unlike the DOS paradigm of drives lettered A-Z, a UNIX type of
system mounts each partition and/or disk under a directory off of /.
Theoretically, the number of mounted filesystems is unlimited and is
certainly not limited to 26.

> 4.  If I want to send mail from the command line, how can I designate the
> reply-to address?

Not sure.  I use Mutt, an ncurses-based mail agent (MUA).

> 5.  What measures can I take on a network (I use Linux at home as a
> standalone machine and also at school on a network, where students are
> encouraged to hack one another) to ensure that no one can gain access to my
> machine (or be discovered if they try!)?

Firewall with iptables (on kernel 2.4) or ipchains (on kernel 2.2) with
a default policy of DROP or DENY then open holes in the firewall to
those services you wish to provide.  For outgoing connections leave a
spot open in the range indicated in:

/proc/sys/net/ipv4/ip_local_port_range

You can change it by doing the following at each boot:

echo "1024 2999" > /proc/sys/net/ipv4/ip_local_port_range

Then block incoming SYN (connection request) packets on the INPUT chain
of your firewall, ACCEPTing SYN packets only to those ports you're
providing services on.  You'll need to leave a hole for your local port
range for reply packets.

To help catch anyone trying to change things on your system Tripwire is
considered a good candidate.  Before placing your machine on the network
right after a clean install, utilities like Tripwire generate a
signature for each file.  Then if a file changes, they will find it
creates a new signature and an alarm will be generated.  Common sense
dictates that the Tripwire database must be protected in some way.  I've
seen burning it to CD-ROM suggested.  

This assumes you are the only one with access to the box.  If the
machine is accessible by others through the console, then they can do
just about anything you can do unless you take extraordinary measures.

- Nate >>

-- 
 Wireless | Amateur Radio Station N0NB          | "We have awakened a
 Internet | n0nb@xxxxxxxxxxxxxxxx               | sleeping giant and
 Location | Bremen, Kansas USA EM19ov           | have instilled in him
  Amateur radio exams; ham radio; Linux info @  | a terrible resolve".
             http://www.qsl.net/n0nb/           | - Admiral Yamamoto
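
The signature-per-file idea described above for Tripwire, sketched with sha256sum as an added example (not part of the original message and not Tripwire's own implementation). The function names are hypothetical, and GNU find, sort, xargs and sha256sum are assumed.

```bash
#!/usr/bin/env bash
# Added example: file-integrity baseline built on sha256sum. Not Tripwire itself.
# Function names are hypothetical. Assumes GNU coreutils/findutils and file
# names without newlines or backslashes. Keep the baseline file outside the
# tree it covers.

# make_baseline DIR OUT: write one "<sha256>  <path>" line per file under DIR.
make_baseline() {
    ( cd "$1" && find . -type f -print0 | sort -z | xargs -0 -r sha256sum ) > "$2"
}

# baseline_fingerprint FILE: hash of the baseline itself, to be stored off the
# box (paper, read-only media) so a tampered baseline can be recognised.
baseline_fingerprint() {
    sha256sum < "$1" | cut -d' ' -f1
}

# check_baseline DIR BASELINE [FINGERPRINT]
# Prints ADDED/CHANGED/MISSING lines. Returns 0 if the tree is unchanged,
# 1 if it differs, 2 if the baseline does not match the recorded fingerprint.
check_baseline() {
    local now report
    if [ -n "${3:-}" ] && [ "$(baseline_fingerprint "$2")" != "$3" ]; then
        echo "BASELINE MODIFIED: $2" >&2
        return 2
    fi
    now=$(mktemp) || return 2
    make_baseline "$1" "$now"
    # A sha256sum line is 64 hex digits, two separator characters, then the path.
    report=$(awk '
        FILENAME == ARGV[1] { old[substr($0, 67)] = substr($0, 1, 64); next }
        {
            path = substr($0, 67); sum = substr($0, 1, 64)
            if (!(path in old))        print "ADDED   " path
            else if (old[path] != sum) print "CHANGED " path
            delete old[path]
        }
        END { for (p in old) print "MISSING " p }
    ' "$2" "$now" | sort)
    rm -f "$now"
    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}
```

Run make_baseline right after a clean install, record the output of baseline_fingerprint somewhere the machine cannot write to, and pass it as the third argument on every later check.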