Dear Freind, IN Redhat 7.1 version there is default firewall that is activated and you have to select whethere the firewall should be high, nedium or none from linuxconf. thats it Happy linuxing
> you mean.....not use linuxconf? I agree with you totally!!!!Since this marks the third or so time I''ve heard this, I would like to know why. I''ve been running RH 6.2 for several years and use linux conf as a convenience for a lot of quick jobs. The only thing I haven''t gotten to easily work with Linuxconf is Apache. ...Now it''s true, I don''t use it for everything, it''s just faster at some things than I am with the keyboard... Perhaps it''s worth mentioning, I _never_ run X windows so I don''t use the fancy version. Anyway, my question; What''s so bad with Linuxconf? You''re just too accustomed to the "manual" way? Or is it "broken" with regard to some tasks? RT
This features cause me a lot of problems, I prefer to configure my firewall manually. Happy firewalling..... ----- Original Message ----- From: Sunil Pandya To: redhat-secure-server@redhat.com Sent: Friday, October 19, 2001 8:49 AM Subject: Re:telnet, ftp issue Dear Freind, IN Redhat 7.1 version there is default firewall that is activated and you have to select whethere the firewall should be high, nedium or none from linuxconf. thats it Happy linuxing
Yes....... I mean exactly this...!!! ----- Original Message ----- From: "Lamar Seifuddin" <lamarts@flash.net> To: <redhat-secure-server@redhat.com> Sent: Monday, October 22, 2001 7:48 PM Subject: RE: Re:telnet, ftp issue> you mean.....not use linuxconf? I agree with you totally!!!! > > -----Original Message----- > From: redhat-secure-server-admin@redhat.com > [mailto:redhat-secure-server-admin@redhat.com]On Behalf Of Jody Fustini > Sent: Monday, October 22, 2001 12:22 AM > To: redhat-secure-server@redhat.com > Subject: Re: Re:telnet, ftp issue > > > This features cause me a lot of problems, I prefer to configure myfirewall> manually. > > Happy firewalling..... > > ----- Original Message ----- > From: Sunil Pandya > To: redhat-secure-server@redhat.com > Sent: Friday, October 19, 2001 8:49 AM > Subject: Re:telnet, ftp issue > > > Dear Freind, > > IN Redhat 7.1 version there is default firewall that is activated and you > have to select whethere the firewall should be high, nedium or none from > linuxconf. > > thats it > Happy linuxing > > > > _______________________________________________ > Redhat-secure-server mailing list > Redhat-secure-server@redhat.com > https://listman.redhat.com/mailman/listinfo/redhat-secure-server > > > > _______________________________________________ > Redhat-secure-server mailing list > Redhat-secure-server@redhat.com > https://listman.redhat.com/mailman/listinfo/redhat-secure-server >
Lamar, Look up ipchains as this is the filtering for packets on the public interface. Xinetd is another tool you may want to familiarize yourself with. SSH can be used for telnet and ftp after reviewing these you should be able to determine what comes next according to your needs. Personally speaking here: security is a very broad subject and depends on your policy(s) of implementation. A good start would be to disable all services then only add those you need. Set up a firewall that uses a default policy of DENY or REJECT and only those services that are explicitly allowed from certain IP''s will occur through the filter using ipchains... James -----Original Message----- From: redhat-secure-server-admin@redhat.com [mailto:redhat-secure-server-admin@redhat.com]On Behalf Of Lamar Seifuddin Sent: Monday, October 22, 2001 2:54 PM To: redhat-secure-server@redhat.com Subject: linuxconf? I use RH 7.1.....it didn''t come with linuxconf....I had to download it. I recall using linuxconf with RH 6.2, with no problem, I was new to Linux, didn''t need much, it was a learning experience. Now....I''m trying to do everything with RH 7.1, networking, web server, samba, software development, nfs, etc. The "GUI" aspect of it (IMHO) is not user-friendly, I have no idea what actually has taken place....what files were affected..... the manual process enables me to understand what''s going on. I can go back and undo something, etc. this is my opinion. :-) not anti-linuxconf.....but I can definitely relate to others when they share the same sentiment. but enough about linuxconf........ I''d like to work on securing my server, where do I start with as far as good documentation and implementation? -----Original Message----- From: redhat-secure-server-admin@redhat.com [mailto:redhat-secure-server-admin@redhat.com]On Behalf Of Richard Troy Sent: Monday, October 22, 2001 12:02 AM To: redhat-secure-server@redhat.com Subject: RE: Re:telnet, ftp issue> you mean.....not use linuxconf? I agree with you totally!!!!Since this marks the third or so time I''ve heard this, I would like to know why. I''ve been running RH 6.2 for several years and use linux conf as a convenience for a lot of quick jobs. The only thing I haven''t gotten to easily work with Linuxconf is Apache. ...Now it''s true, I don''t use it for everything, it''s just faster at some things than I am with the keyboard... Perhaps it''s worth mentioning, I _never_ run X windows so I don''t use the fancy version. Anyway, my question; What''s so bad with Linuxconf? You''re just too accustomed to the "manual" way? Or is it "broken" with regard to some tasks? RT _______________________________________________ Redhat-secure-server mailing list Redhat-secure-server@redhat.com https://listman.redhat.com/mailman/listinfo/redhat-secure-server _______________________________________________ Redhat-secure-server mailing list Redhat-secure-server@redhat.com https://listman.redhat.com/mailman/listinfo/redhat-secure-server
Lamar, After reviewing my last email to the list I realized I should have added a link... http://www.redhat.com/apps/support/ldp.html This is the Linux Documentation Project it has many articles on the subjects I listed in the last email. Of course there are many other sites that have great documents as well: http://www.linuxdoc.org/ http://sourceforge.net/ http://www.linuxsecurity.com/resources/documentation-2.html James -----Original Message----- From: redhat-secure-server-admin@redhat.com [mailto:redhat-secure-server-admin@redhat.com]On Behalf Of Lamar Seifuddin Sent: Monday, October 22, 2001 2:54 PM To: redhat-secure-server@redhat.com Subject: linuxconf? I use RH 7.1.....it didn''t come with linuxconf....I had to download it. I recall using linuxconf with RH 6.2, with no problem, I was new to Linux, didn''t need much, it was a learning experience. Now....I''m trying to do everything with RH 7.1, networking, web server, samba, software development, nfs, etc. The "GUI" aspect of it (IMHO) is not user-friendly, I have no idea what actually has taken place....what files were affected..... the manual process enables me to understand what''s going on. I can go back and undo something, etc. this is my opinion. :-) not anti-linuxconf.....but I can definitely relate to others when they share the same sentiment. but enough about linuxconf........ I''d like to work on securing my server, where do I start with as far as good documentation and implementation? -----Original Message----- From: redhat-secure-server-admin@redhat.com [mailto:redhat-secure-server-admin@redhat.com]On Behalf Of Richard Troy Sent: Monday, October 22, 2001 12:02 AM To: redhat-secure-server@redhat.com Subject: RE: Re:telnet, ftp issue> you mean.....not use linuxconf? I agree with you totally!!!!Since this marks the third or so time I''ve heard this, I would like to know why. I''ve been running RH 6.2 for several years and use linux conf as a convenience for a lot of quick jobs. The only thing I haven''t gotten to easily work with Linuxconf is Apache. ...Now it''s true, I don''t use it for everything, it''s just faster at some things than I am with the keyboard... Perhaps it''s worth mentioning, I _never_ run X windows so I don''t use the fancy version. Anyway, my question; What''s so bad with Linuxconf? You''re just too accustomed to the "manual" way? Or is it "broken" with regard to some tasks? RT _______________________________________________ Redhat-secure-server mailing list Redhat-secure-server@redhat.com https://listman.redhat.com/mailman/listinfo/redhat-secure-server _______________________________________________ Redhat-secure-server mailing list Redhat-secure-server@redhat.com https://listman.redhat.com/mailman/listinfo/redhat-secure-server
you mean.....not use linuxconf? I agree with you totally!!!! -----Original Message----- From: redhat-secure-server-admin@redhat.com [mailto:redhat-secure-server-admin@redhat.com]On Behalf Of Jody Fustini Sent: Monday, October 22, 2001 12:22 AM To: redhat-secure-server@redhat.com Subject: Re: Re:telnet, ftp issue This features cause me a lot of problems, I prefer to configure my firewall manually. Happy firewalling..... ----- Original Message ----- From: Sunil Pandya To: redhat-secure-server@redhat.com Sent: Friday, October 19, 2001 8:49 AM Subject: Re:telnet, ftp issue Dear Freind, IN Redhat 7.1 version there is default firewall that is activated and you have to select whethere the firewall should be high, nedium or none from linuxconf. thats it Happy linuxing _______________________________________________ Redhat-secure-server mailing list Redhat-secure-server@redhat.com https://listman.redhat.com/mailman/listinfo/redhat-secure-server
I use RH 7.1.....it didn''t come with linuxconf....I had to download it. I recall using linuxconf with RH 6.2, with no problem, I was new to Linux, didn''t need much, it was a learning experience. Now....I''m trying to do everything with RH 7.1, networking, web server, samba, software development, nfs, etc. The "GUI" aspect of it (IMHO) is not user-friendly, I have no idea what actually has taken place....what files were affected..... the manual process enables me to understand what''s going on. I can go back and undo something, etc. this is my opinion. :-) not anti-linuxconf.....but I can definitely relate to others when they share the same sentiment. but enough about linuxconf........ I''d like to work on securing my server, where do I start with as far as good documentation and implementation? -----Original Message----- From: redhat-secure-server-admin@redhat.com [mailto:redhat-secure-server-admin@redhat.com]On Behalf Of Richard Troy Sent: Monday, October 22, 2001 12:02 AM To: redhat-secure-server@redhat.com Subject: RE: Re:telnet, ftp issue> you mean.....not use linuxconf? I agree with you totally!!!!Since this marks the third or so time I''ve heard this, I would like to know why. I''ve been running RH 6.2 for several years and use linux conf as a convenience for a lot of quick jobs. The only thing I haven''t gotten to easily work with Linuxconf is Apache. ...Now it''s true, I don''t use it for everything, it''s just faster at some things than I am with the keyboard... Perhaps it''s worth mentioning, I _never_ run X windows so I don''t use the fancy version. Anyway, my question; What''s so bad with Linuxconf? You''re just too accustomed to the "manual" way? Or is it "broken" with regard to some tasks? RT _______________________________________________ Redhat-secure-server mailing list Redhat-secure-server@redhat.com https://listman.redhat.com/mailman/listinfo/redhat-secure-server
I Use RH 7.1 on several machines.. It came with Linuxconf out of the box. *********** REPLY SEPARATOR *********** On 10/22/2001 at 11:53 AM Lamar Seifuddin wrote:>I use RH 7.1.....it didn''t come with linuxconf....I had to download it. > >I recall using linuxconf with RH 6.2, with no problem, I was new to Linux, >didn''t need much, it was a learning experience. > >Now....I''m trying to do everything with RH 7.1, networking, web server, >samba, software development, nfs, etc. > >The "GUI" aspect of it (IMHO) is not user-friendly, I have no idea what >actually has taken place....what files were affected..... > >the manual process enables me to understand what''s going on. I can go back >and undo something, etc. > >this is my opinion. :-) not anti-linuxconf.....but I can definitely >relate to others when they share the same sentiment. > >but enough about linuxconf........ > > >I''d like to work on securing my server, where do I start with as far as good >documentation and implementation? > > > >-----Original Message----- >From: redhat-secure-server-admin@redhat.com >[mailto:redhat-secure-server-admin@redhat.com]On Behalf Of Richard Troy >Sent: Monday, October 22, 2001 12:02 AM >To: redhat-secure-server@redhat.com >Subject: RE: Re:telnet, ftp issue > > > >> you mean.....not use linuxconf? I agree with you totally!!!! > > >Since this marks the third or so time I''ve heard this, I would like to >know why. I''ve been running RH 6.2 for several years and use linux conf as >a convenience for a lot of quick jobs. The only thing I haven''t gotten to >easily work with Linuxconf is Apache. ...Now it''s true, I don''t use it for >everything, it''s just faster at some things than I am with the keyboard... >Perhaps it''s worth mentioning, I _never_ run X windows so I don''t use the >fancy version. > >Anyway, my question; What''s so bad with Linuxconf? You''re just too >accustomed to the "manual" way? Or is it "broken" with regard to some >tasks? > >RT > > > >_______________________________________________ >Redhat-secure-server mailing list >Redhat-secure-server@redhat.com >https://listman.redhat.com/mailman/listinfo/redhat-secure-server > > > >_______________________________________________ >Redhat-secure-server mailing list >Redhat-secure-server@redhat.com >https://listman.redhat.com/mailman/listinfo/redhat-secure-server
You have to install the utilities on install for linuxconf to be installed. If not the rpm is on the second CD. On Monday 22 October 2001 04:26 pm, Brent Canipe wrote:> I Use RH 7.1 on several machines.. It came with Linuxconf out of the box. > > *********** REPLY SEPARATOR *********** > > On 10/22/2001 at 11:53 AM Lamar Seifuddin wrote: > >I use RH 7.1.....it didn''t come with linuxconf....I had to download it. > > > >I recall using linuxconf with RH 6.2, with no problem, I was new to Linux, > >didn''t need much, it was a learning experience. > > > >Now....I''m trying to do everything with RH 7.1, networking, web server, > >samba, software development, nfs, etc. > > > >The "GUI" aspect of it (IMHO) is not user-friendly, I have no idea what > >actually has taken place....what files were affected..... > > > >the manual process enables me to understand what''s going on. I can go > > back and undo something, etc. > > > >this is my opinion. :-) not anti-linuxconf.....but I can definitely > >relate to others when they share the same sentiment. > > > >but enough about linuxconf........ > > > > > >I''d like to work on securing my server, where do I start with as far as > > good documentation and implementation? > > > > > > > >-----Original Message----- > > From: redhat-secure-server-admin@redhat.com > > >[mailto:redhat-secure-server-admin@redhat.com]On Behalf Of Richard Troy > >Sent: Monday, October 22, 2001 12:02 AM > >To: redhat-secure-server@redhat.com > >Subject: RE: Re:telnet, ftp issue > > > >> you mean.....not use linuxconf? I agree with you totally!!!! > > > >Since this marks the third or so time I''ve heard this, I would like to > >know why. I''ve been running RH 6.2 for several years and use linux conf as > >a convenience for a lot of quick jobs. The only thing I haven''t gotten to > >easily work with Linuxconf is Apache. ...Now it''s true, I don''t use it for > >everything, it''s just faster at some things than I am with the keyboard... > >Perhaps it''s worth mentioning, I _never_ run X windows so I don''t use the > >fancy version. > > > >Anyway, my question; What''s so bad with Linuxconf? You''re just too > >accustomed to the "manual" way? Or is it "broken" with regard to some > >tasks? > > > >RT > > > > > > > >_______________________________________________ > >Redhat-secure-server mailing list > >Redhat-secure-server@redhat.com > >https://listman.redhat.com/mailman/listinfo/redhat-secure-server > > > > > > > >_______________________________________________ > >Redhat-secure-server mailing list > >Redhat-secure-server@redhat.com > >https://listman.redhat.com/mailman/listinfo/redhat-secure-server > > _______________________________________________ > Redhat-secure-server mailing list > Redhat-secure-server@redhat.com > https://listman.redhat.com/mailman/listinfo/redhat-secure-server-- Darrin Powell LSSi Corp 919.466.6803 dpowell@lssi.net
Hey Lamar, Here is another link: http://www.linuxdoc.org/LDP/solrhe/Securing-Optimizing-Linux-RH-Edition-v1.3 / James -----Original Message----- From: redhat-secure-server-admin@redhat.com [mailto:redhat-secure-server-admin@redhat.com]On Behalf Of Darrin Powell Sent: Monday, October 22, 2001 4:43 PM To: redhat-secure-server@redhat.com; Brent Canipe Subject: Re: linuxconf? You have to install the utilities on install for linuxconf to be installed. If not the rpm is on the second CD. On Monday 22 October 2001 04:26 pm, Brent Canipe wrote:> I Use RH 7.1 on several machines.. It came with Linuxconf out of the box. > > *********** REPLY SEPARATOR *********** > > On 10/22/2001 at 11:53 AM Lamar Seifuddin wrote: > >I use RH 7.1.....it didn''t come with linuxconf....I had to download it. > > > >I recall using linuxconf with RH 6.2, with no problem, I was new toLinux,> >didn''t need much, it was a learning experience. > > > >Now....I''m trying to do everything with RH 7.1, networking, web server, > >samba, software development, nfs, etc. > > > >The "GUI" aspect of it (IMHO) is not user-friendly, I have no idea what > >actually has taken place....what files were affected..... > > > >the manual process enables me to understand what''s going on. I can go > > back and undo something, etc. > > > >this is my opinion. :-) not anti-linuxconf.....but I can definitely > >relate to others when they share the same sentiment. > > > >but enough about linuxconf........ > > > > > >I''d like to work on securing my server, where do I start with as far as > > good documentation and implementation? > > > > > > > >-----Original Message----- > > From: redhat-secure-server-admin@redhat.com > > >[mailto:redhat-secure-server-admin@redhat.com]On Behalf Of Richard Troy > >Sent: Monday, October 22, 2001 12:02 AM > >To: redhat-secure-server@redhat.com > >Subject: RE: Re:telnet, ftp issue > > > >> you mean.....not use linuxconf? I agree with you totally!!!! > > > >Since this marks the third or so time I''ve heard this, I would like to > >know why. I''ve been running RH 6.2 for several years and use linux confas> >a convenience for a lot of quick jobs. The only thing I haven''t gotten to > >easily work with Linuxconf is Apache. ...Now it''s true, I don''t use itfor> >everything, it''s just faster at some things than I am with thekeyboard...> >Perhaps it''s worth mentioning, I _never_ run X windows so I don''t use the > >fancy version. > > > >Anyway, my question; What''s so bad with Linuxconf? You''re just too > >accustomed to the "manual" way? Or is it "broken" with regard to some > >tasks? > > > >RT > > > > > > > >_______________________________________________ > >Redhat-secure-server mailing list > >Redhat-secure-server@redhat.com > >https://listman.redhat.com/mailman/listinfo/redhat-secure-server > > > > > > > >_______________________________________________ > >Redhat-secure-server mailing list > >Redhat-secure-server@redhat.com > >https://listman.redhat.com/mailman/listinfo/redhat-secure-server > > _______________________________________________ > Redhat-secure-server mailing list > Redhat-secure-server@redhat.com > https://listman.redhat.com/mailman/listinfo/redhat-secure-server-- Darrin Powell LSSi Corp 919.466.6803 dpowell@lssi.net _______________________________________________ Redhat-secure-server mailing list Redhat-secure-server@redhat.com https://listman.redhat.com/mailman/listinfo/redhat-secure-server
Totally agree! I never use Linuxconf, whether I be working on a server or Workstation. Historically, I have found it to be bug ridden. I like to edit the conf files directly... at least that way you can make backups of the files and add comments about the changes you have made or want to make. * the manual process enables me to understand what''s going on. I can go back and undo something, etc. Matt
ultimately most automated tools will fail miserable on Linux. to many differences. It is one thing for sco to write scoadmin (nice system BTW) for their own system where they control it. It is entirely another to write linuxconf/webmin/etc for 20 different linux distro''s running 100''s of versions/configurations of apache/etc. COAS (caldera system) had a good idea, using layers so you would wite a plugin to understand say the redhat 7.1 way of apache or suse 7.1 apache. But COAS stagnated and died (and then they released volution which looks interesting). Ultimately your best bets are to: Have good procedures for modifing config files, i.e. backup file first, then modify, test, roll back if needed (this has saved me a few times =). Also try not to have multiple people modifying a subsystem like apache or an entire system at the same time. I might be working on apache, make a change, doesn''t work, if you are working on dns that may be the problem, but I probably won''t realize it. Keep systems as in synch as possible, makes it easier to roll out changes to multiple machines (i.e. a new virtual host to your webserver pool). tools like SSH/NSH/etc can help you make changes on multiple systems with one command. Consider systems like cvs to store/create config files, also makes centralized backups easy and restoration (do a cvs checkout, whee). Consider automation systems like M4 or perl to generate config files (especially useful for creating a few hundred dns zone files, or apache virutal host configs). yadayada. many companies make tools to assist you in this, quite a few work ok, but none that I know of work all the time perfectly. Kurt Seifried, kurt@seifried.org A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574 http://www.seifried.org/security/
Jim, thank you for the info! much appreciated Lamar -----Original Message----- From: redhat-secure-server-admin@redhat.com [mailto:redhat-secure-server-admin@redhat.com]On Behalf Of Jim Selph Sent: Monday, October 22, 2001 1:56 PM To: redhat-secure-server@redhat.com; Brent Canipe Subject: RE: linuxconf? Hey Lamar, Here is another link: http://www.linuxdoc.org/LDP/solrhe/Securing-Optimizing-Linux-RH-Edition-v1.3 / James -----Original Message----- From: redhat-secure-server-admin@redhat.com [mailto:redhat-secure-server-admin@redhat.com]On Behalf Of Darrin Powell Sent: Monday, October 22, 2001 4:43 PM To: redhat-secure-server@redhat.com; Brent Canipe Subject: Re: linuxconf? You have to install the utilities on install for linuxconf to be installed. If not the rpm is on the second CD. On Monday 22 October 2001 04:26 pm, Brent Canipe wrote:> I Use RH 7.1 on several machines.. It came with Linuxconf out of the box. > > *********** REPLY SEPARATOR *********** > > On 10/22/2001 at 11:53 AM Lamar Seifuddin wrote: > >I use RH 7.1.....it didn''t come with linuxconf....I had to download it. > > > >I recall using linuxconf with RH 6.2, with no problem, I was new toLinux,> >didn''t need much, it was a learning experience. > > > >Now....I''m trying to do everything with RH 7.1, networking, web server, > >samba, software development, nfs, etc. > > > >The "GUI" aspect of it (IMHO) is not user-friendly, I have no idea what > >actually has taken place....what files were affected..... > > > >the manual process enables me to understand what''s going on. I can go > > back and undo something, etc. > > > >this is my opinion. :-) not anti-linuxconf.....but I can definitely > >relate to others when they share the same sentiment. > > > >but enough about linuxconf........ > > > > > >I''d like to work on securing my server, where do I start with as far as > > good documentation and implementation? > > > > > > > >-----Original Message----- > > From: redhat-secure-server-admin@redhat.com > > >[mailto:redhat-secure-server-admin@redhat.com]On Behalf Of Richard Troy > >Sent: Monday, October 22, 2001 12:02 AM > >To: redhat-secure-server@redhat.com > >Subject: RE: Re:telnet, ftp issue > > > >> you mean.....not use linuxconf? I agree with you totally!!!! > > > >Since this marks the third or so time I''ve heard this, I would like to > >know why. I''ve been running RH 6.2 for several years and use linux confas> >a convenience for a lot of quick jobs. The only thing I haven''t gotten to > >easily work with Linuxconf is Apache. ...Now it''s true, I don''t use itfor> >everything, it''s just faster at some things than I am with thekeyboard...> >Perhaps it''s worth mentioning, I _never_ run X windows so I don''t use the > >fancy version. > > > >Anyway, my question; What''s so bad with Linuxconf? You''re just too > >accustomed to the "manual" way? Or is it "broken" with regard to some > >tasks? > > > >RT > > > > > > > >_______________________________________________ > >Redhat-secure-server mailing list > >Redhat-secure-server@redhat.com > >https://listman.redhat.com/mailman/listinfo/redhat-secure-server > > > > > > > >_______________________________________________ > >Redhat-secure-server mailing list > >Redhat-secure-server@redhat.com > >https://listman.redhat.com/mailman/listinfo/redhat-secure-server > > _______________________________________________ > Redhat-secure-server mailing list > Redhat-secure-server@redhat.com > https://listman.redhat.com/mailman/listinfo/redhat-secure-server-- Darrin Powell LSSi Corp 919.466.6803 dpowell@lssi.net _______________________________________________ Redhat-secure-server mailing list Redhat-secure-server@redhat.com https://listman.redhat.com/mailman/listinfo/redhat-secure-server _______________________________________________ Redhat-secure-server mailing list Redhat-secure-server@redhat.com https://listman.redhat.com/mailman/listinfo/redhat-secure-server