Ghosting onto the Net
If you decide, as I did, to hook up some WinTel boxes to your Linux server, here are some hints to get it up and running.
In the following examples, I am assuming your personal network is on the 192.168.1.* subnet, the Linux server is at 192.168.1.1 and your Win95 machine is at IP address 192.168.1.2.
Select the network icon in your Win95 Control panel. Then select the TCP/IP -> network card entry in the list. Click on properties, so that the properties window will appear, and do the following:
Under the IP Address tab, select “Specify an IP address”, and enter 192.168.1.2 in the IP Address field, also enter 255.255.255.0 in the “Subnet Mask” field.
Under the Gateway tab enter 192.168.1.1 in the “New gateway” field, and click the Add button. This tells Windows that the Linux server is the gateway.
Under the DNS Configuration tab select “Enable DNS”, and enter the host name for your machine in the “Host field”. Then enter the domain you use for your internal network.
If you have the DNS name server running on your Linux server, enter 192.168.1.1 in the “DNS Server Search Order” field and click Add. If you are going to use your ISP's name server, enter your ISP's name server IP address in this field instead.
In the “Domain Suffix Search Order” field, you can re-enter your internal domain and click the Add button.
Last, click on the Okay button. Windows will reboot and you will be set to go.
This setup has worked quite well for me. Every morning before I go to work I decide whether I want to be able to access my box from the office through the Internet. If I do, I just turn it on, and at 7:30 AM cron starts the appear script, and I'm off to the races.
There are some security issues to be aware of—once your server is on the Net, anyone can access it. To prevent people from being able to telnet to your server from anywhere, add the following line to your /etc/hosts.deny file:
This entry denies access to your box from everywhere—it is a good default. Now add the following entry to your /etc/hosts.allow file:
ALL: LOCAL myisp.net mywork.com
This entry allows you to connect only from systems on your local network, your ISP and your place of work. (For more information about these files, see the man page for hosts.allow.)
Scott Steadman (firstname.lastname@example.org) is a contract programmer who lives in Lawrenceville, Georgia with his lovely wife Kim and their two cats.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- The Death of RoboVM
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- BitTorrent Inc.'s Sync
- The Humble Hacker?
- The US Government and Open-Source Software
- Open-Source Project Secretly Funded by CIA
- ACI Worldwide's UP Retail Payments
- New Container Image Standard Promises More Portable Apps
- AdaCore's SPARK Pro
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide