Is all this going to be on the Internet? Whoever first posted this should consider learning how to setup the firewall under Linux at a minimum.
Didn't we recently have a discussion about security of home systems for Linux and Windows users? This is just begging to be made an example. Regards, Dustin On Fri, 2001-09-14 at 13:33, Shannon Roddy wrote: > One more gotcha... He will have to have apache installed also to be able > to use swat. > > Shannon > > Jerald Sheets wrote: > > >Shannon's correct. You probably didn't install packages which would > >normally be in this directory. > > > >I used to have that "Vendor knows best" attitude way back and would > >trust other setups like "Server Install", "Workstation Install", etc., > >but at this point I'm resolved to do nothing but Custom/Install > >Everything. The only gotcha in this format is to make sure when > >paritioning to make sure there's a /boot partition. This allows the > >system to have the boot sector/data in the first 1024 cylinders. > > > > > >Chances are also good you didn't install Samba. It should be on your > >install CD in the RPMS directory, a couple of directories deep. I > >*think* (from memory) /RedHat/RPMS > > > >You want > > > >samba-2.0.7-36.i386.rpm > >samba-client-2.0.7-36.i386.rpm > >samba-common-2.0.7-36.i386.rpm > >samba-swat-2.0.7-36.i386.rpm > > > >(unless you go to samba.org and do this from latest) > > > >That should do you. > > > > > >JErald > > > > > >On Fri, 2001-09-14 at 10:53, Bart G. Denys wrote: > > > >>Jerald, > >> > >>Thanks for the extensive help. I get stuck though from the beginning. <y > >>dir /etc/xinet.d/ contains only one file named rsync. Is there a program > >>that isn't installed ? > >> > >>Bart > >> > >>-----Original Message----- > >>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > >>Behalf Of Jerald Sheets > >>Sent: Friday, September 14, 2001 9:41 AM > >>To: [EMAIL PROTECTED] > >>Subject: RE: [brluglist] RedHat 7.1 mail and network help > >> > >>On Fri, 2001-09-14 at 08:30, Bart G. Denys wrote: > >> > >>>John, > >>> > >>>Thanks for the help. > >>>Already made some progress. I had the sendmail filled out with my > >>> > >>email > >> > >>>address. I can now send using /usr/local/sendmail > >>> > >>>ISP problem is different: I don't get an email through my cable-ISP > >>>(charter communication). Email comes from a different provider (email > >>>address [EMAIL PROTECTED]). Additionally, I have an email account > >>> > >>at > >> > >>>the local hospital ([EMAIL PROTECTED]) that is secured and does NOT > >>>let you check mail via the net. > >>> > >>>I am reading through one of my books on how to setup Samba using SWAT. > >>>The Linux Bible states: > >>> Add a line to /etc/services: swat 901/TCP > >>>I did that. > >>> Add a line to /etc/inetd.conf: swat stream tcp nowait.400 root > >>>/usr/sbin/swat > >>>I can't find inetd.conf where is it ?????? > >>> > >>Unfortunately, the Linux market moves faster than your documentation. > >>:) > >> > >>RedHat 7.1 abandoned inetd in favor of xinetd. xinetd has neat > >>functions such as being able to deny based on service for a particular > >>host!! Also, you can use wrappers on individual services, so you can > >>say deny specifically radius information requests from host x....get it? > >> > >>Remember, even though you're working with a pretty snappy desktop > >>system, you're also sitting on top of one of the most powerful servers > >>in the world. > >> > >>Your *new* install info is as follows: > >> > >> > >>In your /etc/ directory is where all system configuration utilities > >>live. Your startup scripts (akin to autoexec/config) and various system > >>configuration files (akin to .ini files). Specifically, we're > >>interested in the Internet services stuff. You'll find a simple > >>configuration file called xinetd.conf that has the following contents: > >> > >> # > >> # Simple configuration file for xinetd > >> # > >> # Some defaults, and include /etc/xinetd.d/ > >> > >> defaults > >> { > >> instances = 60 > >> log_type = SYSLOG authpriv > >> log_on_success = HOST PID > >> log_on_failure = HOST > >> } > >> > >> includedir /etc/xinetd.d > >> > >> > >>The long and short of this is that you can have 60 separate connections, > >>they must be logged... > >> > >>But the important part is the last line telling you to include the > >>contents of the directory /etc/xinetd.d. Let's look at it's contents > >>and format: > >> > >> amanda daytime finger klogin > >>rexec > >> amandaidx daytime-udp gssftp krb5-telnet rlogin > >> amidxtape dbskkd-cdb imap kshell rsh > >> chargen echo imaps linuxconf-web > >>rsync > >> chargen-udp echo-udp ipop2 ntalk swat > >> comsat eklogin ipop3 pop3s > >>talk > >> > >> telnet > >> tftp > >> time > >> time-udp > >> wu-ftpd > >> > >>This is a listing of several simple text files listing service > >>attributes and settings. The one we're interested in here is swat. > >>Pulling swat into an editor, we find the following contents: > >> > >> # default: off > >> # description: SWAT is the Samba Web Admin Tool. Use swat \ > >> # to configure your Samba server. To use SWAT, \ > >> # connect to port 901 with your favorite web browser. > >> service swat > >> { > >> disable = yes > >> port = 901 > >> socket_type = stream > >> wait = no > >> only_from = 127.0.0.1 > >> user = root > >> server = /usr/sbin/swat > >> log_on_failure += USERID > >> } > >> > >> > >>As you can see, there's an interesting line near the top saying "disable > >>= yes". Can you imagine what I'm going to say here? :) > >> > >>What I typically do is comment the line out, and make a copy with my > >>settings. This is a good habit to get into, because it's saved my arse > >>countless times. The new file would look thusly: > >> > >> # default: off > >> # description: SWAT is the Samba Web Admin Tool. Use swat \ > >> # to configure your Samba server. To use SWAT, \ > >> # connect to port 901 with your favorite web browser. > >> service swat > >> { > >> # disable = yes > >> disable = no > >> port = 901 > >> socket_type = stream > >> wait = no > >> only_from = 127.0.0.1 > >> user = root > >> server = /usr/sbin/swat > >> log_on_failure += USERID > >> } > >> > >>Finally, to get all this reread, you have to restart the xinetd > >>service. People do this several ways. Some prefer to use the kill -HUP > >>command, some prefer to restart the service, etc. etc. *I* prefer to > >>restart the service via the provided shell scripts. That would be the > >>following command line: > >> > >># /etc/rc.d/init.d/xinetd restart > >> > >>This should make the service available, and you should be able then to > >>open a browser and point it to http://your.host.com:901 or > >>http://your.ip.com:901 to get your Swat interface. > >> > >> > >>If you have any problems, or any questions, just give me a buzz through > >>this forum, and I'll answer you as soon as I can. > >> > >> > >>Jerald Sheets > >> > >>================================================ > >>BRLUG - The Baton Rouge Linux User Group > >>Visit http://www.brlug.net for more information. > >>Send email to [EMAIL PROTECTED] to change > >>your subscription information. > >>================================================ > >> > >>================================================ > >>BRLUG - The Baton Rouge Linux User Group > >>Visit http://www.brlug.net for more information. > >>Send email to [EMAIL PROTECTED] to change > >>your subscription information. > >>================================================ > >> > > > > > >================================================ > >BRLUG - The Baton Rouge Linux User Group > >Visit http://www.brlug.net for more information. > >Send email to [EMAIL PROTECTED] to change > >your subscription information. > >================================================ > > > -- Dustin Puryear <[EMAIL PROTECTED]> http://members.telocity.com/~dpuryear In the beginning the Universe was created. This has been widely regarded as a bad move. - Douglas Adams ================================================ BRLUG - The Baton Rouge Linux User Group Visit http://www.brlug.net for more information. Send email to [EMAIL PROTECTED] to change your subscription information. ================================================
