Re: Understanding iptables FC4

From: Ohmster (notareal_at_emailaddress.com)
Date: 07/20/05


Date: Wed, 20 Jul 2005 00:48:57 GMT

Joseph <alkookh@yahoo.com> wrote in news:DsaDe.137961$tt5.111658@edtnps90:

>
> I was able to get my internet to work at home, but I can not get ftp,
> telnet and http to work. That is what started the whole problem.
>
> If any of you have set this up on Fedora 4 that would be great.
>
> I have an AMD 64 processor and 200GB hard drive to get this working good so
> I can stay away from XP. I tried to install RH 9, which has the above
> setup and which I can do things with, but it did not see the HD, maybe because
> it's big.
> So, my two solutions are to stay with Fedora, which I've tried
> but am about to reach the end of the rope with their limitations, and the
> other is to invest in a smaller hard drive for RH 9 as it could not
> sense/see my 200GB.
>
> Your advice would be appreciated

Joe,

Fedora Core works really good, if you have that installed, then use it. I
went from redhat 9 to fedora core 3. The redhat 9 machine really worked
great, had everything setup to work great. Had anonymous and regular user
vsftpd FTP server, had apache setup for my web server, then added user
directories to it so that each user had a public_html directory in their
home directories and they worked, that is, they were on the web with a
tilde after the domain name like mydomain.com/~user. I then added a real
domain to the server, then added 2 more FQDNs (Fully Qualified Domain Name,
in other words "real" domains.) to the httpd server so that I could use 3
different domains to reach the web server and each domain would take you to
a specific directory just for that domain. Instead of using telnet, I used
ssh to reach the machine with a command prompt. Originally I used telnet
but quickly switched to ssh as I got warnings and never-ending pleas from
the linux newsgroups to get rid of telnet and to use ssh instead because it
is more secure. What the heck, it is the same thing so far as the user
interface is concerned, it just uses a different protocol with encryption
so that no one could "sniff" the packets and discover passwords, etc.

I then added cool php stuff like phpbb message forum and awstats to show me
all kinds of information about who visited my websites with cool graphics.
Also added a really cool online photo gallery where the users could upload
photos and it did all kinds of neat stuff. The message board and the photo
gallery both used a database, mysql, to keep track of the messages and
photos. Had a 30Gb hard drive for this, then added another 30Gb drive and
moved the home directory onto this new hard drive. The linux newsgroups
showed me how to do this and it was pretty easy, pretty neat too. I made
the new 30Gb drive exclusively for the home directories because each user
had a public_html directory and I pointed the domains at these user
directories and so if you went to the domain, you would go to a person's
/home/user name/public_html directory. This was cool because this does not
show up on the web and it was very easy for the user to access his own
public_html directory. Also my domain had its own mail server and I used
it all the time, it was great. That stopped when my ISP started blocking
all port 25 Internet traffic except to their own mail servers. They did
this to stop spammers from buying a cheap DSL account and then sending out
millions of spam emails before getting caught and then kicked off. ...all
of this on redhat 9 and using a home ADSL Internet account.

Redhat 9 went EOL (End Of Line) and I still used redhat 9 because
everything worked so well. As redhat 9 got older and older, there were no
longer any updates for it, up2date and the redhat update applet no longer
worked. No more updates, especially security updates for me on redhat 9.
People in the newsgroup kept telling me to get rid of redhat 9 and move up
to a current distro like fedora core 3. I did not listen, did not want to
mess with something that worked so well. They kept telling me that I was
going to get hacked, they were right. The script kiddies got into my
machine through apache and had a grand old time, sending out thousands of
spam emails every day, all from my domain, with my name on them. I found
out about it because I kept getting bounced spam emails that were "from
me" and I know that I did not send these emails. I watched the linux
machine and would see the CPU go to very high levels of usage, all from
apache owned processes. The httpd logs showed the spam emails plus other
things that were not cool like processes that I don't even know what they
are (Trojans and other bad things that the hackers put on my machine via an
apache exploit and php). Remember, I had not gotten any more security
updates for apache or redhat 9 in over a year because there were no more
updates or hardly any and the updater programs on redhat 9 no longer worked
because the servers that they used to connect to were gone now. EOL.

Since the extent that my redhat machine was compromised was pretty vast,
all except root or user access (They could do a *lot* of damage just with
the apache and php exploits that were not patched or updated.), I decided
that everyone was right after all and that even if the redhat machine could
be cleaned up, it would never be secure anymore. I took out the two 30Gb
drives in the machine, installed a new 200Gb drive, and installed fedora
core 3. This was not a bad thing at all, since I had put everyone's home in
a separate drive, it was easy to drop the drive into the new fedora machine
and then copy over all of the home stuff from the old drive to the new
200Gb fedora drive. I then setup the stuff that I wanted like the ftp,
httpd, and ssh servers, then installed my websites again, did some custom
tweaks like making the machine boot with numlock lights on for both console
and xwindows, and I was done. The new fedora machine serves like a champ
and it is also a firewall and gateway for the rest of my home LAN. The
machine does masquerade just like the redhat machine did and oh it works so
good now. And you don't know what a relief it is to see that up2date has a
bunch of updates for me, again, all the time now. They are easy to install
too.

So now I got the fedora core 3 machine, everything works; firewall, ftp
server, http server, ssh server. Mail server works for local mail. pop3
works to collect mail with Outlook Express on other machines. Okay I got
all of this running on fedora core 3, not much different than fedora core
4, and many others have this setup working too so we can help you to get
yours working. Now you have to tell us exactly what you mean by "I can not
get ftp, telnet and http to work." What do you mean that you cannot get
them to work? They don't run, you don't know how to set them up, you do not
know how to configure them, what daemons (servers) are you trying to run?
vsftpd, proftpd, wuftpd, apache? What is the problem, Joe?

DO NOT USE TELNET! It is insecure and there is no difference to you as a user
in using ssh instead. ssh comes with most all modern linux distributions,
including fedora. To connect to your ssh daemon, use an ssh client, a
really good, free one is putty. Get it here:

http://www.chiark.greenend.org.uk/~sgtatham/putty/

It is easy to use and once you connect, it is the same thing as telnet to
use. You can setup putty on your windows machine really nice and make it
the way you want it.

Yeah so we all have this stuff setup and working on fedora, what is the
problem, Joe? Give us details on what you are using, how you start it, what
program and daemons, what version, etc.

-- 
~Ohmster
"Read Ohmster" in subject, bypass spam filter.
ohmster /a/t/ newsguy dot com

